urlscan.io logo urlscan.io
SecurityTrails logo

enemonzo.org Open in urlscan Pro
2606:4700:3033::6815:1205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://enemonzo.org/
Effective URL: https://enemonzo.org/
Submission: On August 31 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 8 countries across 32 domains to perform 104 HTTP transactions. The main IP is 2606:4700:3033::6815:1205, located in United States and belongs to CLOUDFLARENET, US. The main domain is enemonzo.org.
TLS certificate: Issued by GTS CA 1P5 on July 24th 2023. Valid for: 3 months.
This is the only time enemonzo.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 2a02:6b8:a::a 208722 (GLOBAL_DC)
1 151.101.1.195 54113 (FASTLY)
4 46.4.104.244 24940 (HETZNER-AS)
3 7 2a02:6b8::1:119 208722 (GLOBAL_DC)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:237... 16509 (AMAZON-02)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 147.75.84.158 54825 (PACKET)
1 37.157.6.233 198622 (ADFORM)
3 7 185.89.210.122 29990 (ASN-APPNEX)
7 2a02:6b8:20::215 208722 (GLOBAL_DC)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
1 108.138.36.27 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
12 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 141.95.33.111 16276 (OVH)
1 4 2a02:2638:d::d 44788 (ASN-CRITE...)
1 54.171.14.223 16509 (AMAZON-02)
1 178.250.1.11 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.244.159.8 15169 (GOOGLE)
3 4 142.250.184.194 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
1 3 172.217.16.198 15169 (GOOGLE)
4 138.201.63.157 24940 (HETZNER-AS)
1 4 116.202.48.214 24940 (HETZNER-AS)
3 145.239.193.130 16276 (OVH)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 49.12.16.151 24940 (HETZNER-AS)
1 23.218.170.194 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.71.131.137 16509 (AMAZON-02)
1 23.213.164.226 16625 (AKAMAI-AS)
104 46
11    2606:4700:3033::6815:1205 (United States)

ASN13335 (CLOUDFLARENET, US)
enemonzo.org
a.enemonzo.org
3    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2600:9000:225b:8a00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    2600:9000:2156:3a00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yandex.ru
1    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
cdn.zx-adnet.com
4    46.4.104.244 (Rostock, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de
www.bigmp3db.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:237d:9400:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.optad360.net
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
1    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
7    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
7    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    108.138.36.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-27.muc50.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:225b:800:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
12    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
4    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    54.171.14.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-14-223.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
4    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net
ad.doubleclick.net
5994599.fls.doubleclick.net
4    138.201.63.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de
hal9000.redintelligence.net
4    116.202.48.214 (Schoenwalde, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de
hal900013.redintelligence.net
3    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    2a01:4f8:d0a:2321::2 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de
futalis.de
1    23.218.170.194 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-170-194.deploy.static.akamaitechnologies.com
www.awin1.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    23.213.164.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-226.deploy.static.akamaitechnologies.com
acdn.adnxs.com
Apex Domain
Subdomains		 Transfer
21 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
119 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
ad.doubleclick.net — Cisco Umbrella Rank: 173
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 148426
181 KB
11 enemonzo.org
enemonzo.org
a.enemonzo.org
355 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 37964
hal900013.redintelligence.net — Cisco Umbrella Rank: 240127
52 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
acdn.adnxs.com — Cisco Umbrella Rank: 578
22 KB
7 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6990
196 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 426
mug.criteo.com — Cisco Umbrella Rank: 2631
8 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 11461
3 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
3 KB
4 bigmp3db.com
www.bigmp3db.com — Cisco Umbrella Rank: 703281
20 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47866
1 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1329
google-bidout-d.openx.net — Cisco Umbrella Rank: 1333
669 B
3 yandex.ru
yandex.ru — Cisco Umbrella Rank: 2238
mc.yandex.ru — Cisco Umbrella Rank: 4191
161 KB
3 optad360.io
get.optad360.io — Cisco Umbrella Rank: 37809
cmp.optad360.io — Cisco Umbrella Rank: 54359
226 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
4 KB
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 133571
6 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 105
1 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 755
id5-sync.com — Cisco Umbrella Rank: 400
27 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 809
bcp.crwdcntrl.net — Cisco Umbrella Rank: 776
12 KB
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7461
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1403
2 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 348
388 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
1 KB
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18330
704 B
1 futalis.de
futalis.de — Cisco Umbrella Rank: 189653
401 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
57 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1732
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 603
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1404
8 KB
1 adform.net
adx.adform.net — Cisco Umbrella Rank: 4440
530 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 880
275 B
1 optad360.net
cdn.optad360.net — Cisco Umbrella Rank: 58924
3 KB
1 zx-adnet.com
cdn.zx-adnet.com — Cisco Umbrella Rank: 415709
10 KB
104 32
Domain Requested by
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
pagead2.googlesyndication.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
ad.doubleclick.net
7 yastatic.net yandex.ru
7 ib.adnxs.com 3 redirects get.optad360.io
googleads.g.doubleclick.net
acdn.adnxs.com
6 enemonzo.org 1 redirects enemonzo.org
5 mc.yandex.com 2 redirects
5 a.enemonzo.org enemonzo.org
4 hal900013.redintelligence.net 1 redirects ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
hal900013.redintelligence.net
4 hal9000.redintelligence.net ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
hal900013.redintelligence.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 gum.criteo.com 1 redirects static.criteo.net
get.optad360.io
4 www.bigmp3db.com enemonzo.org
www.bigmp3db.com
3 pv.medialead.de hal900013.redintelligence.net
3 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
3 cdn.jsdelivr.net enemonzo.org
get.optad360.io
securepubads.g.doubleclick.net
2 5994599.fls.doubleclick.net 1 redirects ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
2 cdn.retailads.net 1 redirects futalis.de
2 oajs.openx.net 1 redirects
2 ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 mc.yandex.ru 1 redirects enemonzo.org
2 get.optad360.io enemonzo.org
get.optad360.io
1 acdn.adnxs.com get.optad360.io
1 match.adsrvr.org get.optad360.io
1 adservice.google.com 5994599.fls.doubleclick.net
1 fonts.googleapis.com hal900013.redintelligence.net
1 www.awin1.com hal900013.redintelligence.net
1 futalis.de hal900013.redintelligence.net
1 ad.doubleclick.net pagead2.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 www.googletagservices.com ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
1 googleads.g.doubleclick.net ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 adx.adform.net get.optad360.io
1 prebid.a-mo.net get.optad360.io
1 prebid-eu.creativecdn.com get.optad360.io
1 cdn.optad360.net
1 cdn.zx-adnet.com enemonzo.org
1 yandex.ru enemonzo.org
1 cmp.optad360.io enemonzo.org
104 49
Subject Issuer Validity Valid
enemonzo.org
GTS CA 1P5		 2023-07-24 -
2023-10-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.optad360.io
Amazon RSA 2048 M02		 2023-03-01 -
2023-11-15		 9 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2023-06-21 -
2023-12-19		 6 months crt.sh
s.yousan-top3.com
GTS CA 1D4		 2023-07-07 -
2023-10-05		 3 months crt.sh
www.bigmp3db.com
R3		 2023-08-26 -
2023-11-24		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.optad360.net
Amazon RSA 2048 M02		 2023-06-26 -
2024-07-24		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-07-10 -
2024-01-07		 6 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.id5-sync.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
redintelligence.net
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
pv.medialead.de
R3		 2023-08-13 -
2023-11-11		 3 months crt.sh
*.futalis.de
R3		 2023-08-15 -
2023-11-13		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G2		 2023-05-18 -
2024-05-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh

This page contains 14 frames:

Primary Page: https://enemonzo.org/
Frame ID: 94DC446A9AEAFE2FC79683CF229981EC
Requests: 56 HTTP requests in this frame

Frame: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8B166E700407FCA4AF06C58F857700F1
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=enemonzo.org
Frame ID: 7E6557E999E6A5DCA04620EBE88B9B5E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC8DC0FE579056F76199693A3FB4B75C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE7C757D138EDBD3694D64D45CCDCDDA
Requests: 2 HTTP requests in this frame

Frame: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7D840AEFD11CEFC3661D1C8F640B486D
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNUpoXamwWmkJNbQ095Bn1XXd5o6IGHTVHcwN3lO1U6icbPrYE8AKnwimPc3Ae0JwMjPhG_G91TlxUlAkPBFmNz0IP7J_glLdorM6QVkY19pO31gMzG3Tw3WthbS21-q8ePPsqilkz9xisUwL9HN9Mr95XXVAlWKbzxp9KIN9tsoSmK6kLNhw0Bpgo6DVS46u1L0PkM00cYnJPnbGdMHbWn40HdhLA
Frame ID: 31C296783F4A55BBDFAF48884C9E1B7B
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 40C2CD8375D0498B6C29F3BD36734509
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C127CCDF3320375CB263E0319762DF1F
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=84135800121745704445002012433013&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 2C4A635B011CE0DD993190174ADA0435
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3040021425
Frame ID: A6601733B9F8D37F766165ED350F76E2
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP7hkO6Kh4EDFcOlnwodXwkKNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5714464399518.293
Frame ID: 69988AE799782101977A6DFE5B1B5737
Requests: 2 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=84135800121745704445002012433013&a=00322a5a
Frame ID: 932ECFFF3365CC7B2BD5444BE17A6A53
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 733462FB92ED16369DDFCA7CBC8859FD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Investimento 2023

Page URL History Show full URLs

  1. http://enemonzo.org/ HTTP 301
    https://enemonzo.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

104
Requests

91 %
HTTPS

47 %
IPv6

32
Domains

49
Subdomains

46
IPs

8
Countries

1484 kB
Transfer

4381 kB
Size

36
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://enemonzo.org/ HTTP 301
    https://enemonzo.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10112.m3l2c4N2_v4unJbnR2S6ETCb4xoMvGwClhWap7fgT-GFa0Zw9xy20v_O8OoFcknD._Hc7sOXkQ5n0NTDXFFbEqy1Nj3I%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10112.YokXpUB4l6EU8LamaXlW5YSk59UsWxQjipqsSYvqlVqrqvNfrgZ4MsWf-fzoSDDApF1cdlNjP0FSuidVZJlmc_oLXLINRWND_ZEfaNpt69JoE5aKUgIP47U3CB4n0slpjUtvs-uiGiBt75kTUDsI5ggWkskqBRVWGiQNImCsBCS09LO19-a4BzU34PoJTN_0ZbPEVrv0iOjEBqjkfBnoh6gqY0brj_FIfJCimnUY4T8%2C.t5mYgEw3lx_O9p38er7KA5ILSE8%2C
Request Chain 48
  • https://mc.yandex.com/watch/71615602?wmode=7&page-url=https%3A%2F%2Fenemonzo.org%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A1273%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1094%3Acn%3A1%3Adp%3A0%3Als%3A1424172761087%3Ahid%3A10037838%3Az%3A120%3Ai%3A20230831161539%3Aet%3A1693491339%3Ac%3A1%3Arn%3A138250491%3Arqn%3A1%3Au%3A1693491339604571442%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C21%2C432%2C5%2C192%2C0%2C%2C57%2C0%2C1256%2C1256%2C2%2C1230%3Aco%3A0%3Acpf%3A1%3Ans%3A1693491337577%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693491339%3At%3AInvestimento%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/71615602/1?wmode=7&page-url=https%3A%2F%2Fenemonzo.org%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A1273%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1094%3Acn%3A1%3Adp%3A0%3Als%3A1424172761087%3Ahid%3A10037838%3Az%3A120%3Ai%3A20230831161539%3Aet%3A1693491339%3Ac%3A1%3Arn%3A138250491%3Arqn%3A1%3Au%3A1693491339604571442%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C21%2C432%2C5%2C192%2C0%2C%2C57%2C0%2C1256%2C1256%2C2%2C1230%3Aco%3A0%3Acpf%3A1%3Ans%3A1693491337577%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693491339%3At%3AInvestimento%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Request Chain 49
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fenemonzo.org%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fenemonzo.org%2F&rid=esp&cc=1
Request Chain 54
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=enemonzo.org&sn=ChromeSyncframe&so=0&topUrl=enemonzo.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=fs9arnxiMFBRYmVSNGRPZ2ZRRnR4R2wyblRjTlk5WjZ2dVV4bkU5eHpnRmlOTnJ4VW5ERjNkdXNGa2FrWjJOd2Rqb04zNlIyTWR0NDBFM0NUMndQUkxEdHo3eXZtZXNMZHJhMTRYci9FMml6cWladlRhZ1duVzA4T2hSRnlPYy9xLzlkUEtMelFtcXpJS0MyV3dVckJ1Qjk2U2dtN25nblVNbXc2SDU2MThSZDVMRVRyWjZtZjA4SllVMmtFY3dPQ1plRTZWWUtxWWVReEdPVmI0dk1ab1pGSCtpTFZST0Q1K1R5TUdaNDRWMkE0K0JWV0JvNnNXdmxwbjlNeVdraHk2NnplYWVncXZhTGhQUEtkWUMxaW43a3ZiQT09fA&cppv=2
Request Chain 69
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKf5Fx7yaSPkhAP0n6HG9AQ&google_cver=1
Request Chain 70
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPCgi3J7AyqlATFHb5fWzQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKf5Fx7yaSPkhAP0n6HG9AQ&google_cver=1
Request Chain 71
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFUTn6aS5ZiEKhHXH4GUW7k&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFUTn6aS5ZiEKhHXH4GUW7k%26google_cver%3D1
Request Chain 72
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Mzg1NzYyNzE4MzY0NzU2NA%3D%3D
Request Chain 80
  • https://hal900013.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=2e41c06b24&subid=&uid=163c8ba5009c2c38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeeGdi6DwZMKXE8HH7_UPpI2wCKblvaBpnZecp8kP8C4QASCqgMMiYJWCkIKgB8gBCakCFuxK2ltGsj6oAwHIA5sEqgTpAU_QrpU8x4wKD7Dqtl-Xvsm3NC97_gMzLKcaQsK73IayGfLIGZ2TP2I02XWWpCRUQmSgULBeSYSN-sABH2ERHg65mieW7b4EzJJ351GPVIPPi_xI1K92jK8CD01_ZhcIJ1mbCtk_9KoFlKJD40-4r3kNVcEAr8Fz-Vt5CNleOlCaH-QHIr20wpYJtYkhY_TmB0thsA2_YCc3jFe6HAIPif440x0JYRg_SKSQvkWnpBJ8OcDmHx_Gfp-mBIuKLr7udYHv5LimOM4c4BL11-R_eGTQ4YHskZ3vV5GnAQ875BqmDpx2r3X9q8oRwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIgonX7YqHgQMVweO7CB2kBgwBEAEYASAAEgIjDfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW3-54IJuRAeLvyl9tsisvolk4emr2SFDbsbxeU5iFU74fbd02Tw0Cxa0xxVX_eobb8woGDJA_wvvUYdVG40eluOYDAvZ-MRgB%26sig%3DAOD64_1xgyI-3PcGRGvFGrFwhYvoP8dflA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CO2UgWSoLg38U8ARus4L4zcs828U22Lyzetb72yAfhEIJf7GOaB4fa0Q4PJmXLT3Kz9_3bvj0kfTFehzWEGld5luTT3b89vEyGnzaoyJw0xNXKz1fp7sBzu58cLMJCCKnWGJ2hGLs_FmgyCsHJLzYOawQv8kSezp65FRDeJRMeeTc0LVc%26cry%3D1%26dbm_d%3DAKAmf-AXhJhF1-SJHPGGcSnIt3ABEFabfisjXBHiFE2O2BZq3HoPb7-azSO232f7d0v1mQJOp9msC28TnfQsn5DkQWUj25sniJNHNJ6eF_8GILdz27GoTxWZLXk7ElQ76MBUlbeuusm2xKhxWSELmEaJLJrfZakrtcpNA5eT3flI_MNFsBBVjZ_hM8TYaiqezgyhnGoSHPNFuMaXtfNr1_oWO4deHZT0pC806Rd6AqwV3JCItMApJ-VTStbhMELDT4F7WlezeaoYkDxJeqJM8zxT0ar9GsHqQI3HNt7XaWlzp2X2CLIgcJrWyZEWGD93O_E67frg2gLY0Vb6poZWLKXr52rwuzwYKw8uvvuMSkdjcZ44FBK5MQBouDh5ScTSeKiKY4gLZRdfrmSfpjz0Nnp1jv8YtxBdfzqszsG0SzRRmBlExuz2mDUpyBDGLUyRvA7f4n-3Z0oVkaXXUlA6nPstW5x280gzCwrmwuineBJCXhEEzjJM3CpB7TXWhYp0BxCvfuQTfslTIBU7nCVupdKKyI3RZSxMcGO5UOSjgEpYbkMWdkxp5DU%26adurl%3D&documentReferer=https%3A%2F%2Fenemonzo.org%2F&ancestorOrigins=https%3A%2F%2Fenemonzo.org&random=7199592629866&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
  • https://hal900013.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=2e41c06b24&subid=&uid=163c8ba5009c2c38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeeGdi6DwZMKXE8HH7_UPpI2wCKblvaBpnZecp8kP8C4QASCqgMMiYJWCkIKgB8gBCakCFuxK2ltGsj6oAwHIA5sEqgTpAU_QrpU8x4wKD7Dqtl-Xvsm3NC97_gMzLKcaQsK73IayGfLIGZ2TP2I02XWWpCRUQmSgULBeSYSN-sABH2ERHg65mieW7b4EzJJ351GPVIPPi_xI1K92jK8CD01_ZhcIJ1mbCtk_9KoFlKJD40-4r3kNVcEAr8Fz-Vt5CNleOlCaH-QHIr20wpYJtYkhY_TmB0thsA2_YCc3jFe6HAIPif440x0JYRg_SKSQvkWnpBJ8OcDmHx_Gfp-mBIuKLr7udYHv5LimOM4c4BL11-R_eGTQ4YHskZ3vV5GnAQ875BqmDpx2r3X9q8oRwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIgonX7YqHgQMVweO7CB2kBgwBEAEYASAAEgIjDfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW3-54IJuRAeLvyl9tsisvolk4emr2SFDbsbxeU5iFU74fbd02Tw0Cxa0xxVX_eobb8woGDJA_wvvUYdVG40eluOYDAvZ-MRgB%26sig%3DAOD64_1xgyI-3PcGRGvFGrFwhYvoP8dflA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CO2UgWSoLg38U8ARus4L4zcs828U22Lyzetb72yAfhEIJf7GOaB4fa0Q4PJmXLT3Kz9_3bvj0kfTFehzWEGld5luTT3b89vEyGnzaoyJw0xNXKz1fp7sBzu58cLMJCCKnWGJ2hGLs_FmgyCsHJLzYOawQv8kSezp65FRDeJRMeeTc0LVc%26cry%3D1%26dbm_d%3DAKAmf-AXhJhF1-SJHPGGcSnIt3ABEFabfisjXBHiFE2O2BZq3HoPb7-azSO232f7d0v1mQJOp9msC28TnfQsn5DkQWUj25sniJNHNJ6eF_8GILdz27GoTxWZLXk7ElQ76MBUlbeuusm2xKhxWSELmEaJLJrfZakrtcpNA5eT3flI_MNFsBBVjZ_hM8TYaiqezgyhnGoSHPNFuMaXtfNr1_oWO4deHZT0pC806Rd6AqwV3JCItMApJ-VTStbhMELDT4F7WlezeaoYkDxJeqJM8zxT0ar9GsHqQI3HNt7XaWlzp2X2CLIgcJrWyZEWGD93O_E67frg2gLY0Vb6poZWLKXr52rwuzwYKw8uvvuMSkdjcZ44FBK5MQBouDh5ScTSeKiKY4gLZRdfrmSfpjz0Nnp1jv8YtxBdfzqszsG0SzRRmBlExuz2mDUpyBDGLUyRvA7f4n-3Z0oVkaXXUlA6nPstW5x280gzCwrmwuineBJCXhEEzjJM3CpB7TXWhYp0BxCvfuQTfslTIBU7nCVupdKKyI3RZSxMcGO5UOSjgEpYbkMWdkxp5DU%26adurl%3D&documentReferer=https%3A%2F%2Fenemonzo.org%2F&ancestorOrigins=https%3A%2F%2Fenemonzo.org&random=7199592629866&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Request Chain 83
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=84135800121745704445002012433013&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3040021425
Request Chain 89
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5714464399518.293 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CP7hkO6Kh4EDFcOlnwodXwkKNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5714464399518.293

104 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
enemonzo.org/
Redirect Chain
  • http://enemonzo.org/
  • https://enemonzo.org/
32 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
e218098de3cf600689b6c03e487ff8082bb70b99dc5b41c6f8e944b3282f4a3b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
DYNAMIC
cf-ray
7ff5e2fd29a54daa-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 31 Aug 2023 14:15:38 GMT
expires
Fri, 01 Sep 2023 14:15:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9lvfGDZQWnJlZOgwEvtq7RfCS9fZ3On14cVeZahMVU%2FPf2BLjZTOf7urPaVwL85ewEgzuu95kSy%2BMykqHlwBnisNqBZUW1ePLp9sA1IGxGh0aZin5Pvbs%2B2ZcFY4WAVL4EIxHbwBwW57u4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15

Redirect headers

CF-RAY
7ff5e2fcecbd1e66-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 31 Aug 2023 14:15:37 GMT
Expires
Thu, 31 Aug 2023 15:15:37 GMT
Location
https://enemonzo.org/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xe11AZgFoPzhCQ2fncGDHiU%2F2m9wLaE68qJ9kzvaxBRoSJoiPGGxLh0GLLBY5zC0Hw8XMClIgXZqqys5dGupHc8bXL7d25HJq0KZROO0BUZCDW9by8Lct6OAt2koy96EdTt2oZygSKhgKSI%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
style.css
enemonzo.org/template/futura/css/ 		200 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://enemonzo.org/template/futura/css/style.css
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5573c2a0df449ad984294e800675d77360766a0311656727d0757a16899514fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 16 Dec 2022 09:11:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"31e0c-5efee5c70da15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAup%2BOOGxmBnk43Bo60yvCPlyuHOEK9VEwy6qjKNyJwJlsc2do23x7isAPg2gsR%2BmpwpFWdx%2FBTiKiIZhPRd0FUh1wOR1%2FhD82Eg33sEicI%2BHkn1Yrww6P%2BRAjjoghtn%2FwpLuRcRcnau9So%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
7ff5e3004dba4daa-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Sep 2023 14:15:38 GMT
yt.css
enemonzo.org/template/futura/css/ 		69 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://enemonzo.org/template/futura/css/yt.css
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
496f28c8b8f6be622f3b0a0c4df002e2becc9733649762df3fb1a69698cef932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 16 Dec 2022 09:11:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"11516-5efee5c7c9dd7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLPdY%2B3JsiwM7NyM09sX54oFfH2BXBMNzd6WACTMn1n%2BkJYA28X5NOn6GZ77bjGGiJfm2BuTsAm07%2FR45oUcF3Q7JUZ9DuDhdwkf6YIHAxrioqKeGQvH3GVgZYew4owdiQ8bp4ZWvViioXg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
7ff5e3004dbb4daa-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Sep 2023 14:15:38 GMT
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
34967
x-jsd-version
3.1.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230078-FRA, cache-jnb7023-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvMYTLrIk6yRKTLg0fbqTqKCS%2FrVken%2BkPXOf4t3vKHjFeNBX9BuOEwbyJ61EHmz60gItVH%2FqHcSxcsakzOI3uKJuPvWqQlctcmKTMiFmbqZp1YVyO%2Froir1P7YADUa1JMaVKjyYUflcB0i4QA4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ff5e30069bb2c46-FRA
rocket-loader.min.js
enemonzo.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://enemonzo.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Aug 2023 13:09:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64e60500-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WitpVes5EvaOIQO1%2B8HuNNSiV4W5ChD9KQtXjqwuFhZhXOGs%2Bz8i3bRVExzDVnURINvI8wCcbx7nIgRvHsxD8JfqK2L5Ce1w3oxGvPNoJml3EbV2B6E9M2HaSMTubHlN7nMG72ZUZa33sdA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7ff5e3004dbc4daa-FRA
expires
Sat, 02 Sep 2023 14:15:38 GMT
scripts.js
enemonzo.org/template/futura/js/ 		177 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://enemonzo.org/template/futura/js/scripts.js
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d8234cf8cbc4a9b91789100bf5a0bf8c8fec8be585043e8305915c653fbc15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
503331
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 16 Dec 2022 09:11:58 GMT
server
cloudflare
etag
W/"2c372-5efee5c9edf7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KPaQ8qbz3cogCXA1FrKaNEDhKEE920mNhabFtUEn0sKpdWZ5nc7oUe2W%2BDg8rPgA1BMR4NLNETR6YK0meUj1dwnNMbfdCYcheqPVIjbP9xXlx%2FnuMQkrFumUT8JHl8ff8%2FjHSmq1xxrXyI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
7ff5e30388fb9072-FRA
expires
Fri, 08 Sep 2023 18:26:47 GMT
plugin.min.js
get.optad360.io/sf/acaa577f-1ae1-4b91-a272-ebe11f5f1964/ 		275 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/acaa577f-1ae1-4b91-a272-ebe11f5f1964/plugin.min.js
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:8a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b34dd732c2b9a42bcde72f8f4141716a094a465bcb1e6198500da1a632a1e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 15:07:47 GMT
content-encoding
gzip
via
1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 13:35:35 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
83272
etag
W/"f57e70bc3b2db8f8b71fa107285783b5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
3yP679u9AIQa16gsVAHzWNQpq_GUJBK-2lxzgvkF5QmOX-w0G7naGg==
e587bfa5-0a65-4a08-916b-1df5c59230cc.min.js
cmp.optad360.io/items/ 		497 B
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/e587bfa5-0a65-4a08-916b-1df5c59230cc.min.js
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3a00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 12:40:12 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
66210
etag
"7acdc116a0830ba0aef5e087010246ba"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
497
x-amz-cf-id
BKHeTAZQe4MmyZ8JUzoRhftl0HLS5pXTM94of42wr_nWeK4-Xm93mg==
context.js
yandex.ru/ads/system/ 		303 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7c6a95dba3a8b52b81edcf7e4b42631ba8b886fd5d892b3ba11ccfe9ce6afb10
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1693491338930953-7635250751272256286-balancer-l7leveler-kubr-yp-vla-26-BAL-4016
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 31 Aug 2023 15:15:38 GMT
truncated
/ 		41 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/webp
enhanced-oil-recovery-eor-definition-1.webp
a.enemonzo.org/commodities/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.enemonzo.org/commodities/enhanced-oil-recovery-eor-definition-1.webp
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58eeb4c4d7c3f30f376b13640e283f7c315f6fbcb308587947f1c18cdda9dc35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
cf-cache-status
MISS
last-modified
Sun, 31 Jan 2021 23:23:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"11f70-5ba3a857d3c80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OE%2BeLFGnPiVRvFmQs6D%2FHqiWFsdAyeN7aWyG%2F7aX6t%2FatNiKyj4pPQpfDdcKteRprw9HwEyNU8pndgYpj5otayr0YvXDnINKFQTuy2O3pyWQFtK6%2BhbSIfPkUgYf4AW161mEAeGAo%2BWBzeXGpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7ff5e3043b5a4daa-FRA
alt-svc
h3=":443"; ma=86400
content-length
73584
coupon-stripping.webp
a.enemonzo.org/fixed-income-trading/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.enemonzo.org/fixed-income-trading/coupon-stripping.webp
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a3fe92d76ad27ed2c1f42344aff6e437eaa94ca4aba6201d5d21f784f7921ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
cf-cache-status
MISS
last-modified
Sun, 31 Jan 2021 23:25:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2978-5ba3a8bceab00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2FuoeEZgY31G2braT6VFGO8RTY59oMU170ps7rDWkBa4q%2B%2BeC0mz1lvWyE1FcU2svl9dUQ4jHpZ2FeSjJtYg1gTnKJdK%2ByNtwfZ1C3qQIBAbX3EIuTqsFimrcuywRSbIBQCSWBIryVsssOiZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7ff5e3043b594daa-FRA
alt-svc
h3=":443"; ma=86400
content-length
10616
solvency.webp
a.enemonzo.org/corporate-finance-and-accounting/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.enemonzo.org/corporate-finance-and-accounting/solvency.webp
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6146ccb526ac9f2dc9aa499ff6d237618124301d50cddbf435832740c4be5ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
cf-cache-status
MISS
last-modified
Sun, 31 Jan 2021 23:23:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3528-5ba3a85f74e80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiuOa27JmnCUq0RrlONJ9t0VuDIFWu9PWa%2FnMNIlNAz%2Frow8AJAHhD8GORM4R9Gr%2FRUPjdW2s7AAP%2BvIa90jV%2BvvZ0y9VQQAYwVZWXveqFMqLMIQF2ghvb863R2iCFlOn%2F307m51txJC0euM7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7ff5e3043b544daa-FRA
alt-svc
h3=":443"; ma=86400
content-length
13608
adobe-shares-surge-with-massive-demand-2.webp
a.enemonzo.org/news/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.enemonzo.org/news/adobe-shares-surge-with-massive-demand-2.webp
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a9601888f5dffc5dd26659f6440b7afc4e1aba18689d25d9fc3a775075c231b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
cf-cache-status
MISS
last-modified
Sun, 31 Jan 2021 23:30:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"be10-5ba3aa012a800"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dd4W88RBT8XwH0kuRaYGGefXS0QHO%2FUzAsZ7vek%2FsOdzjpidXuvNIRNxADUAm%2BYFpYyJKLzRkA0qiB0ojewLPRtNbHbaEhNyTjOiqIJwAleYoJjLAM5w96CgluxGfzEyG8wvQ%2Br1L8Ev1liBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7ff5e3043b534daa-FRA
alt-svc
h3=":443"; ma=86400
content-length
48656
predatory-pricing.webp
a.enemonzo.org/small-business/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.enemonzo.org/small-business/predatory-pricing.webp
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e818e7775d4293586d2ca073442c776055c4dea1b5e29c15b7be436f793a1456

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
cf-cache-status
MISS
last-modified
Sun, 31 Jan 2021 23:32:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"86ee-5ba3aa6829b00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mqZ0OjTe3Ot1Mdz6yLbhPmbl6YwivnhCu4C9nqhtXA%2FG0YPJcGr8rUH847sfvEA2aA%2BVkhgi9H6LkvuhkL%2Fyn9jkR5CFJ968MxNUL0Qdv1jaAc6IF%2Bqhx6uIKv7e5c8zQhM9fJ1hn39YrovJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7ff5e3043b574daa-FRA
alt-svc
h3=":443"; ma=86400
content-length
34542
cookies_gdpr.js
cdn.zx-adnet.com/consent/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.9435003046883459
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220020-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Thu, 31 Aug 2023 14:15:38 GMT
last-modified
Sun, 27 Aug 2023 07:40:29 GMT
x-timer
S1693491339.854182,VS0,VE35
etag
"e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br"
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache-hits
0
1duwt.min.js
www.bigmp3db.com/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.min.js?5012e76
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
77d9102b426f1487e8550ed41e3650f47d74c020c7486e2876f07698fc97bb88
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:38 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
duration
1773702
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=300
access-control-allow-headers
*
expires
Thu, 31-Aug-2023 17:20:38 EEST
tag.js
mc.yandex.ru/metrika/ 		216 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: enemonzo.org
URL: https://enemonzo.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
220302e21f2bc9324cb193a7606619011fd2abd69826bf8770e925afe98f6e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 30 Aug 2023 09:10:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64eedd54-1270e"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
75534
expires
Thu, 31 Aug 2023 15:15:38 GMT
1duwt.json
www.bigmp3db.com/ 		59 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?5012e76
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
a6305eab833184b7b23928ca15e515d84ef3ff7f96c753d91d3b12c721481a47
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://enemonzo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 31 Aug 2023 14:15:38 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?5012e76
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
01eb2b007503cee35b2b866f2f10c18e366f2db30971991cc0a0369a7b2d15a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://enemonzo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 31 Aug 2023 14:15:38 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?5012e76
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
944fd64df565c6c732ebe1993a00414b7e03185576155270d3daebf7477d32d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://enemonzo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 31 Aug 2023 14:15:38 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/acaa577f-1ae1-4b91-a272-ebe11f5f1964/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
851b46658c57b81a80c83c1234db85b2f6b76fc3b9c4721d44b576d11e28a517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29196
x-xss-protection
0
server
cafe
etag
621 / 19600 / m202308240101 / config-hash: 511729982952978637
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:15:39 GMT
prebid7.36.3.js
get.optad360.io/sf/ 		520 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid7.36.3.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/acaa577f-1ae1-4b91-a272-ebe11f5f1964/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:8a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 13:33:18 GMT
content-encoding
gzip
via
1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
last-modified
Mon, 03 Apr 2023 08:32:50 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
2076142
etag
W/"0a921f4d0ab6e1dce1061b3c4ed313ce"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-id
x11vUJSxiJ3U0ennBY4xrP4YQ6EWnhwRuj6-J7l8YTQoA1jjqtBBJQ==
branding-ads.svg
cdn.optad360.net/icons/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.optad360.net/icons/branding-ads.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:9400:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 12:58:01 GMT
content-encoding
gzip
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
2078259
etag
W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
x-amz-cf-id
abriO5SMQkRtWefVsMuiEzXdYZawy_zNXxbbH8HKNGDogEy20a9Vug==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230831
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f8b342822ef1fa6a4a38d2d7921508eba2f06150762e3536a9949d8d7cf7b3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://enemonzo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36887
x-jsd-version
1.0.1798
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4538-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"639-rr6+Inso7vLfgcaPzGHI9pMLd00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i42e8W2Dhj4CTRdreTu%2FEYZbYzOF6QROKSkY51kF9i7IVUDJue2ELt2seqfYVAriydjOMXHoITPf%2B8jTpABoRvwYivRYvCpEGl5cWUSV9yuwCwHNFVtfa92zzW7W3UsJcA5PNHt%2FBLje1HlMu68%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ff5e3052e1b6927-FRA
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://enemonzo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://enemonzo.org
date
Thu, 31 Aug 2023 14:15:39 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://enemonzo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://enemonzo.org
date
Thu, 31 Aug 2023 14:15:38 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
111
server
envoy
vary
origin, Accept-Encoding
openrtb
adx.adform.net/adx/ 		0
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://enemonzo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://enemonzo.org
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		138 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
56873fc0cf904178ffd5adba4b94efea153ea1d84e382c8306eb5fb8d51080ad
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://enemonzo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
an-x-request-uuid
8c10d8ea-7b0b-4061-b8cf-d425ef12f457
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://enemonzo.org
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10112.m3l2c4N2_v4unJbnR2S6ETCb4xoMvGwClhWap7fgT-GFa0Zw9xy20v_O8OoFcknD._Hc7sOXkQ5n0NTDXFFbEqy1Nj3I%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10112.YokXpUB4l6EU8LamaXlW5YSk59UsWxQjipqsSYvqlVqrqvNfrgZ4MsWf-fzoSDDApF1cdlNjP0FSuidVZJlmc_oLXLINRWND_ZEfaNpt69JoE5aKUgIP47U3CB4n0slpjUtvs-uiGi...
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10112.YokXpUB4l6EU8LamaXlW5YSk59UsWxQjipqsSYvqlVqrqvNfrgZ4MsWf-fzoSDDApF1cdlNjP0FSuidVZJlmc_oLXLINRWND_ZEfaNpt69JoE5aKUgIP47U3CB4n0slpjUtvs-uiGiBt75kTUDsI5ggWkskqBRVWGiQNImCsBCS09LO19-a4BzU34PoJTN_0ZbPEVrv0iOjEBqjkfBnoh6gqY0brj_FIfJCimnUY4T8%2C.t5mYgEw3lx_O9p38er7KA5ILSE8%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10112.YokXpUB4l6EU8LamaXlW5YSk59UsWxQjipqsSYvqlVqrqvNfrgZ4MsWf-fzoSDDApF1cdlNjP0FSuidVZJlmc_oLXLINRWND_ZEfaNpt69JoE5aKUgIP47U3CB4n0slpjUtvs-uiGiBt75kTUDsI5ggWkskqBRVWGiQNImCsBCS09LO19-a4BzU34PoJTN_0ZbPEVrv0iOjEBqjkfBnoh6gqY0brj_FIfJCimnUY4T8%2C.t5mYgEw3lx_O9p38er7KA5ILSE8%2C
date
Thu, 31 Aug 2023 14:15:39 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 30 Aug 2023 09:10:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64eedd54-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 31 Aug 2023 15:15:39 GMT
5da005f618993dfc5cdf.js
yastatic.net/partner-code-bundles/855674/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/855674/5da005f618993dfc5cdf.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0b2d7cd5763f46a92f17c6398a94e91d234e69d4c29cba5857d12c927b5d9bff
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://enemonzo.org/
Origin
https://enemonzo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4776
last-modified
Wed, 30 Aug 2023 16:11:02 GMT
server
nginx/1.17.9
etag
"90ba34f1b4af34caa7cb162f21775d57"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 30 Aug 2053 20:50:01 GMT
251389a70edf25f58395.js
yastatic.net/partner-code-bundles/855674/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/855674/251389a70edf25f58395.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
042265ecf386c41b587ce5677f799f2150161de22a38c5fa99f7c8a51a83ec8c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://enemonzo.org/
Origin
https://enemonzo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7956
last-modified
Wed, 30 Aug 2023 16:11:02 GMT
server
nginx/1.17.9
etag
"53b23c83f2b4bd4b7329878c3f6365d4"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 30 Aug 2053 20:50:01 GMT
fa7cbeaca787595095e1.js
yastatic.net/partner-code-bundles/855674/ 		119 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/855674/fa7cbeaca787595095e1.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9045ba6d2d6ce04e889c541b145914fc3c86160b3456c1a3fbc790aff63ed8c4
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://enemonzo.org/
Origin
https://enemonzo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26010
last-modified
Wed, 30 Aug 2023 16:11:02 GMT
server
nginx/1.17.9
etag
"3dad46144e9c25f3d63e1b1c1016f301"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 30 Aug 2053 20:50:01 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://enemonzo.org/
Origin
https://enemonzo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 30 Aug 2053 20:50:49 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://enemonzo.org/
Origin
https://enemonzo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
3b3dfd9323bfa7df
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Aug 2024 20:04:00 GMT
8b57e294eb63ee5a5f39.js
yastatic.net/partner-code-bundles/855674/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/855674/8b57e294eb63ee5a5f39.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
8c0489c46f17df6dafdeddb374cbc6b2d17e9f5fe5430b2b43f61111345a7ce5
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://enemonzo.org/
Origin
https://enemonzo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2081
last-modified
Wed, 30 Aug 2023 16:11:02 GMT
server
nginx/1.17.9
etag
"071674ae2abccc3cb3fa61bf86c3642d"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 30 Aug 2053 20:50:01 GMT
08d83bbeaa96e6f16e41.js
yastatic.net/partner-code-bundles/855674/ 		626 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/855674/08d83bbeaa96e6f16e41.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
6349d53638af87171906296307843a5494bdcca44b2c318e999cd4a542dd8128
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://enemonzo.org/
Origin
https://enemonzo.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
120864
last-modified
Wed, 30 Aug 2023 16:11:02 GMT
server
nginx/1.17.9
etag
"29e8592d5cc769e845f2ca87c3132e70"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 30 Aug 2053 20:50:01 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 09:49:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
15956
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
17007686020673988365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 30 Aug 2024 09:49:43 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 02:29:26 GMT
content-encoding
gzip
age
387973
x-guploader-uploadid
ADPycduOKtZ-jYI708NlmmpGXaU-NamfOkJWG4viTvwKHJcmSy94qlD08CPlfYu_2RHuf9tKSr4DZ6TG98ZrmcQ41lZhQQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 26 Aug 2024 02:29:26 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Sep 2023 14:15:39 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-27.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 15:55:11 GMT
content-encoding
gzip
via
1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
last-modified
Tue, 22 Aug 2023 15:52:21 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
80429
x-amz-server-side-encryption
AES256
etag
W/"abaee4c7a9cdd5e5098ecb24384e9e09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
iR8g9V5TC60P-aJd0VjZIhHLMt_0PTRIl_nW5AWx6XVrUhGbhhVo6Q==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:800:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
Date
Thu, 31 Aug 2023 05:08:18 GMT
Via
1.1 5cc4b35b46cb9b55d49e7f47442e6838.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P1
Age
32842
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
wQMOq3y_ypnyDrHtK-iKrdqsGPqGcSADibapvZZki_pFIpdo_GXi6A==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29822
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADQEkK9TgdfVg0EmGV7%2F75ts8NqG0Mpx3WODND4zahZsiKTJgZ5lHl0uwjifR59R%2BkoR22%2BPpHwAPc1rfpMyGurDGkUw1Ffj6W1Ek9bNv9xaCel2YtXw9C9TbyVqB6%2FK%2FhNoFKvtBxNdccgGLhk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ff5e306299c2c46-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		119 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
3ND70R4ZS9VEVTTH
age
2826
etag
W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ff5e3069d773a4f-FRA
x-amz-id-2
RC3dOYXn2Zt+kvHN1fSiC3gDln7H5npWJ7vrZDViB+J551yF2qw3Sytinc4z0VCuPPjwsU7psCo=
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
c9c4b938203f847d17e0ad6d9858792b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3633781578011318&correlator=337139389771882&eid=31077365%2C31068826&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=121764058%3A22612148122%2Cthebrassman.org_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1693491339270&lmt=1693484139&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fenemonzo.org%2F&vis=1&psz=0x-1&msz=0x-1&fws=640&ohw=0&ga_vid=1331254614.1693491339&ga_sid=1693491339&ga_hid=1187212669&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY27_M36QxSABSAghkEhkKCnB1YmNpZC5vcmcY7r_M36QxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGNu_zN-kMUgAUgIIZBIXCghydGJob3VzZRjbv8zfpDFIAFICCGQSFAoFb3BlbngY27_M36QxSABSAghkEhkKCnVpZGFwaS5jb20Y27_M36QxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjbv8zfpDFIAFICCGQ.&dlt=1693491338282&idt=930&adks=1743166941&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d23011c26e93f6e3146b39d813ca6c8906c3d7b89cc1eb59add4bf0596636b95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10910
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://enemonzo.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
561b672fd69d9a5b06a60acca5ee719cb0d6a8a1d02b2015f8298eb24406737e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11790
x-xss-protection
0
container.html
ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8B16 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://enemonzo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 14:15:39 GMT
expires
Fri, 30 Aug 2024 14:15:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1
mc.yandex.com/watch/71615602/
Redirect Chain
  • https://mc.yandex.com/watch/71615602?wmode=7&page-url=https%3A%2F%2Fenemonzo.org%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A1273%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.com/watch/71615602/1?wmode=7&page-url=https%3A%2F%2Fenemonzo.org%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A1273%3Afu%3A0%3Aen%3Autf...
427 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/71615602/1?wmode=7&page-url=https%3A%2F%2Fenemonzo.org%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A1273%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1094%3Acn%3A1%3Adp%3A0%3Als%3A1424172761087%3Ahid%3A10037838%3Az%3A120%3Ai%3A20230831161539%3Aet%3A1693491339%3Ac%3A1%3Arn%3A138250491%3Arqn%3A1%3Au%3A1693491339604571442%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C21%2C432%2C5%2C192%2C0%2C%2C57%2C0%2C1256%2C1256%2C2%2C1230%3Aco%3A0%3Acpf%3A1%3Ans%3A1693491337577%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693491339%3At%3AInvestimento%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
023a6049b364bd4119acf8b7b4c2f6dec9d88e2371197432f65d35e641b6fc68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 31-Aug-2023 14:15:39 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://enemonzo.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
427
x-xss-protection
1; mode=block
expires
Thu, 31-Aug-2023 14:15:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 31-Aug-2023 14:15:39 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/71615602/1?wmode=7&page-url=https%3A%2F%2Fenemonzo.org%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A1273%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1094%3Acn%3A1%3Adp%3A0%3Als%3A1424172761087%3Ahid%3A10037838%3Az%3A120%3Ai%3A20230831161539%3Aet%3A1693491339%3Ac%3A1%3Arn%3A138250491%3Arqn%3A1%3Au%3A1693491339604571442%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C21%2C432%2C5%2C192%2C0%2C%2C57%2C0%2C1256%2C1256%2C2%2C1230%3Aco%3A0%3Acpf%3A1%3Ans%3A1693491337577%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693491339%3At%3AInvestimento%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://enemonzo.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 31-Aug-2023 14:15:39 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fenemonzo.org%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fenemonzo.org%2F&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fenemonzo.org%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
bfe2bd5d45ae6b8fe2ec77a083a34754914187400c1b44c219958eaecbc78589

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-SVbFESGr90ccgMbGY7E0UUd7I2c"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://enemonzo.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 31 Aug 2023 14:15:39 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://enemonzo.org
location
/esp?url=https%3A%2F%2Fenemonzo.org%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://enemonzo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://enemonzo.org
date
Thu, 31 Aug 2023 14:15:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame 7E65 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=enemonzo.org
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://enemonzo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 14:15:39 GMT
server
Kestrel
server-processing-duration-in-ticks
256270
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/ 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.14.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-14-223.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0d3dde21d1af4eff80a67c8165d05ffaf5b2c23e635000fad0a39e22b61174ff

Request headers

Referer
https://enemonzo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://enemonzo.org
cache-control
no-cache
x-server
10.45.5.62
access-control-allow-credentials
true
content-length
60
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 14:15:39 GMT
sid
mug.criteo.com/ Frame 7E65
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=enemonzo.org&sn=ChromeSyncframe&so=0&topUrl=enemonzo.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=fs9arnxiMFBRYmVSNGRPZ2ZRRnR4R2wyblRjTlk5WjZ2dVV4bkU5eHpnRmlOTnJ4VW5ERjNkdXNGa2FrWjJOd2Rqb04zNlIyTWR0NDBFM0NUMndQUkxEdHo3eXZtZXNMZHJhMTRYci9FMml6cWladlRhZ1duVzA4T2hSRn...
441 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fs9arnxiMFBRYmVSNGRPZ2ZRRnR4R2wyblRjTlk5WjZ2dVV4bkU5eHpnRmlOTnJ4VW5ERjNkdXNGa2FrWjJOd2Rqb04zNlIyTWR0NDBFM0NUMndQUkxEdHo3eXZtZXNMZHJhMTRYci9FMml6cWladlRhZ1duVzA4T2hSRnlPYy9xLzlkUEtMelFtcXpJS0MyV3dVckJ1Qjk2U2dtN25nblVNbXc2SDU2MThSZDVMRVRyWjZtZjA4SllVMmtFY3dPQ1plRTZWWUtxWWVReEdPVmI0dk1ab1pGSCtpTFZST0Q1K1R5TUdaNDRWMkE0K0JWV0JvNnNXdmxwbjlNeVdraHk2NnplYWVncXZhTGhQUEtkWUMxaW43a3ZiQT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
524d32df87a259cb4aa1e0c9ab51de2003d239b78be5956ae5907faa66dd0f84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1463642
expires
0

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=fs9arnxiMFBRYmVSNGRPZ2ZRRnR4R2wyblRjTlk5WjZ2dVV4bkU5eHpnRmlOTnJ4VW5ERjNkdXNGa2FrWjJOd2Rqb04zNlIyTWR0NDBFM0NUMndQUkxEdHo3eXZtZXNMZHJhMTRYci9FMml6cWladlRhZ1duVzA4T2hSRnlPYy9xLzlkUEtMelFtcXpJS0MyV3dVckJ1Qjk2U2dtN25nblVNbXc2SDU2MThSZDVMRVRyWjZtZjA4SllVMmtFY3dPQ1plRTZWWUtxWWVReEdPVmI0dk1ab1pGSCtpTFZST0Q1K1R5TUdaNDRWMkE0K0JWV0JvNnNXdmxwbjlNeVdraHk2NnplYWVncXZhTGhQUEtkWUMxaW43a3ZiQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
301762
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC8D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://enemonzo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 13:46:18 GMT
expires
Fri, 30 Aug 2024 13:46:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AE7C 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7254c09b6307554573bc2c650d55498fe5cd05d8c22a13033e82835f2065553a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3K0ugsZSddpVyh1NJLOfAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://enemonzo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-3K0ugsZSddpVyh1NJLOfAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 14:15:39 GMT
expires
Thu, 31 Aug 2023 14:15:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame EC8D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:24:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
172281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:24:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AE7C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=3633781578011318&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame EC8D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?18rJcg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7D84 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://enemonzo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 14:15:39 GMT
expires
Fri, 30 Aug 2024 14:15:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 31C2 		624 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNUpoXamwWmkJNbQ095Bn1XXd5o6IGHTVHcwN3lO1U6icbPrYE8AKnwimPc3Ae0JwMjPhG_G91TlxUlAkPBFmNz0IP7J_glLdorM6QVkY19pO31gMzG3Tw3WthbS21-q8ePPsqilkz9xisUwL9HN9Mr95XXVAlWKbzxp9KIN9tsoSmK6kLNhw0Bpgo6DVS46u1L0PkM00cYnJPnbGdMHbWn40HdhLA
Requested by
Host: ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
URL: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 14:15:39 GMT
expires
Thu, 31 Aug 2023 14:15:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7D84 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
URL: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:15:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D84 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CdoDVZLqOuqd-GzKReEkihf1nL1sjTSxtcL3gFk1Npeb_lYmPmY70Kk1gIIEip6YiDXYzeg6jHs9zbTbP8evXPS2SppoELW4kXqvrzW43oxNANh94
Requested by
Host: ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
URL: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D84 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=68417033058826435&x=1&ct=77
Requested by
Host: ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
URL: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 7D84 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/window_focus_fy2021.js
Requested by
Host: ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
URL: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:45:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
1785
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:45:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 7D84 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
URL: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 14:19:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
86193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 14:19:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D84 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
URL: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:15:39 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 40C2 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://enemonzo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 31 Aug 2023 14:15:39 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
rum
dsum-sec.casalemedia.com/ Frame 31C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKf5Fx7yaSPkhAP0n6HG9AQ&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKf5Fx7yaSPkhAP0n6HG9AQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNUpoXamwWmkJNbQ095Bn1XXd5o6IGHTVHcwN3lO1U6icbPrYE8AKnwimPc3Ae0JwMjPhG_G91TlxUlAkPBFmNz0IP7J_glLdorM6QVkY19pO31gMzG3Tw3WthbS21-q8ePPsqilkz9xisUwL9HN9Mr95XXVAlWKbzxp9KIN9tsoSmK6kLNhw0Bpgo6DVS46u1L0PkM00cYnJPnbGdMHbWn40HdhLA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Aug 2023 14:15:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKf5Fx7yaSPkhAP0n6HG9AQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 31C2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPCgi3J7AyqlATFHb5fWzQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKf5Fx7yaSPkhAP0n6HG9AQ&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKf5Fx7yaSPkhAP0n6HG9AQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNUpoXamwWmkJNbQ095Bn1XXd5o6IGHTVHcwN3lO1U6icbPrYE8AKnwimPc3Ae0JwMjPhG_G91TlxUlAkPBFmNz0IP7J_glLdorM6QVkY19pO31gMzG3Tw3WthbS21-q8ePPsqilkz9xisUwL9HN9Mr95XXVAlWKbzxp9KIN9tsoSmK6kLNhw0Bpgo6DVS46u1L0PkM00cYnJPnbGdMHbWn40HdhLA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Aug 2023 14:15:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKf5Fx7yaSPkhAP0n6HG9AQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 31C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFUTn6aS5ZiEKhHXH4GUW7k&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFUTn6aS5ZiEKhHXH4GUW7k%26google_cver%3D1
43 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFUTn6aS5ZiEKhHXH4GUW7k%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNUpoXamwWmkJNbQ095Bn1XXd5o6IGHTVHcwN3lO1U6icbPrYE8AKnwimPc3Ae0JwMjPhG_G91TlxUlAkPBFmNz0IP7J_glLdorM6QVkY19pO31gMzG3Tw3WthbS21-q8ePPsqilkz9xisUwL9HN9Mr95XXVAlWKbzxp9KIN9tsoSmK6kLNhw0Bpgo6DVS46u1L0PkM00cYnJPnbGdMHbWn40HdhLA
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
an-x-request-uuid
af771a56-c223-4eac-b616-bd60d4f52f0d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
an-x-request-uuid
8123af3a-957e-48eb-a0a7-db2d9b753bbd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFUTn6aS5ZiEKhHXH4GUW7k%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 31C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Mzg1NzYyNzE4MzY0NzU2NA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Mzg1NzYyNzE4MzY0NzU2NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNUpoXamwWmkJNbQ095Bn1XXd5o6IGHTVHcwN3lO1U6icbPrYE8AKnwimPc3Ae0JwMjPhG_G91TlxUlAkPBFmNz0IP7J_glLdorM6QVkY19pO31gMzG3Tw3WthbS21-q8ePPsqilkz9xisUwL9HN9Mr95XXVAlWKbzxp9KIN9tsoSmK6kLNhw0Bpgo6DVS46u1L0PkM00cYnJPnbGdMHbWn40HdhLA
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
an-x-request-uuid
84380df9-43e4-4b51-bb33-2044279b9c9e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3Mzg1NzYyNzE4MzY0NzU2NA%3D%3D
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D84 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8367730030719&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D84 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8367730030719&version=m202307240101&ct=77&x=1&cor=68417033058826430
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
ad.doubleclick.net/dbm/ Frame 7D84 		15 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKSMIYzXFwSrhYodU0PEM7OL9LiucnvzT580q-f0Z8irZB1nQ42r8JwgxMMybTnzbt3yD2kEAEW1ww5NFeo77q8z6Y-oFSbDOohW-F9WwzO1ZhJ1KnRaj3TsBusRQtCaNHqJLL2wyqwRoHWjSXv7JhHh2pWCo3ZEZOrcvtZWBM99GMejY&cry=1&dbm_d=AKAmf-C6Xn5wtSFYAdpUxwaxEG6SToJYrFSI9NpZlJ9EUOJQdDIu32klLat5P7OeTvEw2caEwKGq-QFQn9ZPeIZ_f2-czWMI7OJlIom9ime0puKFN7sIEbjPjIUug_sFNWnOlVXDyprZWVpIa_0W7MQeb8wRX4KD5pYpldrxFADEh29umOtYMLmyONQbg-gP4eJ9EYM7bjmzOdC0XOjdMa-jinUiNnVrslfiKyh2PdomV-V9OkVTjXOfM7-9AHypNwY7Y3qCuidd8HY-6zFiM8DzTruA-bfz4Inu4hVyUZ14wvALL30IGBzXbIuYH7G26qbcCvyqeu9lQGWepFiyoTAi0Yd8TCWAJNY-GaFNRHSD4UqlmKjygPkVQRtQcO5GArR1wmWqUG4SUUVao2LJZOFKz0npEV0TjduJuoX7cEihhmI1scs1FOYMg8kFLu1PkPgzZN3CQU1GSd-99WQm-pPnN8aUWPaDtyucFDY_CZm91riRodY4Zxaz0b40se0rQlREfID1OOaHrXtpQ6rBLtIas0NxdJt0b3se5cVKXJYYO74btR2wwKrg8l1wxt5plQ_hNe8XuLOE1SIwpmWcI3rbN-nkNt6s3E87d-pCX3EEycqS47P2VO5voct0np0mVWhjZG91JadkoizBJAFXo0HyHpVoMdR9JQ4O4f5Xc-ey4FptH5Wy8zTaFCPIOKL8u2LHeqvjWN0Zx7E_OwYHm-9nv_O_gHtJSChtUX5Lqvler664iAAr2n5O6YlNpdwNemmkF71JVJ29ADpdM1EuC3nW44Vo6vz_x3GInM-41vhDMbHBlqUTzLfr3dUbR5RZNM1wO1HPGwxyBugfe3Rm9Fwk7xvjyQ_dkyMx13TCOsbnlEEWes-SN_3KeuZygiCdNlYEQyLzEWuZkSGjmKSwJbg_bJLNeS16F7qEvySRYiULGLtEkXxZUW9KaLJewd9wPGiEQxdPyGH_lNIZzArQHigw-EsYDwu4lNR1halwNoO5JzX56EVHWDFUAlMjlWjgFxwevqXwMXjcMm3_pbmbpjpma7Q-_fzXM45OPtIkFxPffrVLiFIWqDSctnfx95De52r6BC1m2EG_bOSWznK_kEtQLyuIm8C5DqHbE0D2bLDQ3qkYw3BFTTY1V4Pg-AsnHn5D24NT6yY0am09KHZqqZKLGWVXlje9ct7m3Or_vNMUaNck8E6sEoDLfT1epKvA3vUEdL9zkO4evxnFVIUjJFCdiFedC2TQ1oeN-JR6VaBCRYa1XmFo5txPE2Qu6LH5IyGuCiij5woyP19W5vR5pfCQ-bPwRfof3cTiqD-c8lTfM2C8KwarxmSIYn405lzmV8DpPOwnCGXkqOtMzvcGFFmALPbO1P7xx_V8aTqJ04N3rzaQVW1-j30YWJrP3oQ2u9mLl5hUynHK-Ya9jhwUeZl81vVRU4oI36rW96X0RH5pZtmmTSRD0G6Xd5gecaultVd8PZi2SPpBu2W1BRW7aM4OrXlJozW4C4WVMdHwpyAcASTm-Jy8VPh28zrKiC3KgVhvvWo2Qp1AIp7csNcyYoXdZeV8W5nUk9dSIMwGSwgD-OQheD4OJE6s3fOh0cWrEfuKRrSvCfqejQpYED0dWqEVfWaqUlr59yvPgseHO9KKdggbA6ABfV17IcwlB4jqzcLJeiNTW9zdmDcLCgBfjjNRxojk7IkRwNu8ehE7NahotS6eFzDn5EPHhofk4_wIfNfSn3fdOoSlVXAnzgWevL03bQijsHeTK1fSOHeOllCSCrjLdwyyGmqKw16-G70IZGX2ZlP2Bav6iONDAIuOkfD7y6DrklW8mLK4-By__tcBejm44n51rcm78cHtNUW21zAd_I-ptJcSxvP2ILX439mFlUlDMC7f9yXfW7l4RLAefOMyGeliKYqoe56Qw_PvHdaK3f-x_TMTR-O7MGNgkkGS-hj5MttiHE-0IlgBMMZQGGkkvkykA8EVLAvmsWeiO2a-3UbBvVCK39LVCY1EhsOv8zRl6CjXEm_2LeZGfGLOcAN6fb1KHKbjrVYbZnjrs5XoccXNL_69H5ZUW3XykX4Phz6LAckzxQCqkhmwdby0DxVa8RzWHlTUzKHffxObcJW8Xdf81Lyt2s5JmSSTjmQjZmIFipuLoLjn8baOcoGHzKZ1PNx_xkNPGFWrqq2mSLtS7b-wPZZgfPAzdJqbbPEJgKLjg1ypQleJGtN2mG-WYqP52hymA7-XCAfGO2ceCoW9yZjqmjkX4eJ0nKpuYdidT4aWHkv2TRtvJHHfuU40UGqFyd1twxni_FhF6GC9CDly2LwMmKE_4CbAD8aJ7HgZdEx08x3TaWJIhiNItHPvuPF2XQL08re_qsGCyaU0r7o6AvWSpoOCZlyPqkTwgNYQADSxKFlIRDBWKgGo8etkhW5ac3HPfDuc0wZTpHeiAKEXhKVqD98HfdmnQv_CYBCQwl3ZlBXn2F7std0ss747pakC8JaB_hiiRDgnf5DgZVqwNNaJDMcQYoytENPE-eNuejUardXwjPdyGpiCSG-DYv5g2_s4zDKrp-3rVsevpFFAc6pUg3Jr5Sgt9t0abirlNQpFfG7ZrzECz_nATCJs-WxLbBRUTnAXRfJeg_8cQ7oka39mmu24pt3_2C8YPaDNfhEA18d5-STR7g-Lsgalxn_mV1NXVOXafX-8aiUkwAjEP1YIiLToQOCfuMYGzQKGZfEy_J99ACVFkUPyRJEBzLOXHQamsP1_76f5uguGbtQ30yprmH9-Ol0sm5YMs8tUlxd_VJ50BwUAfZ_ifQCmj4roJoyfAEy8xdJgp1gL3Re1Woo8hyE0fPTSudLaT4adZjRfCwNtU3QTdAXXaF-sLuOxeaft1tqRyA_nlOLSjxpV46CgKa52oU3FyQzc9-k_2E9Py3-TdXFr4AEx8WvAAp2wOgfWxuKJQHKQ3TpaHpJBo2Dayw7wmbqnOY_j3CpoGWOG6-FnxZUMA05Q4tK_nXcBFMMyWBek8qf9zANZ9yCm-kKl2EZx-lq9HUAts_OtJlCZ-8jlCPQFfZz6ig0zpe7DTKF3a2cC6jJ-5b69JolcYOw1nVLgBpNik6QZ4mNu5Cnqh890eXK3ko7mEle7v9B3hhE50Fg2Ko6jPA5WB3NY9H6pcLDnCLtlq0AFxGhDWEQpg5gSErVZv6k6oHGaetLNanAokKvW56Ti1HUa9jnKtTMbGLyP8Y5h8eViVsUCgcrxJe1tTVC_TyDM4josXVdlPJVG-6IZ_gAsGZkYo4QNqmF3V57EyMUcBIPKre20iJUM-FInSA4SQ3P1NfUeT-ONlY9IYBn7MA2ZzjzB0q-e6WTqn3wSsE4neveVbd06ZYDQzDOeAqJsTh4leN8ZVMOHu3nCbj52cyrXIC8JPgx0k1VyMy-SdDBwOJxweZcGy1y6mUAnA48fxI1TJ_TIuRNxGac_Di60agmM0ZEQzlnHeb0KOCJbjkNN3fdxmSwPLZdh3SaWtHeoFmZJyKxWkrs_B-p9grNQtnPlNWSo2SBoDuwactDd6EaLxAGuX4f9SOi5yYAg5mWeBzWirSUCJWU2V6Ft2YfB2-Ui1p-BhAEb2zEV_VUlxoLo6BkBDCLpeIn1C2zoPF1M9YZ7aZoiYbJgiIvysDa9VuKxPYg_i2bcM98JTRIkUl9i50z-K9CI3OP5APA1nZRlYo_8rAZSO9KgAmFd-1qSz2Sp31slsfVorkfwxtm3WsoNz8HP1tWjfDaRsnrLbiAMaPZdezC1XY1Uwkh9g2FFlOdSAY9fajB0t04ueWlSwE3KSSWJqFQ0ZTLR2GvKtsOGXLuTyx0rWS9nv6filaalwHKBpi0yG6Kb7Q2D6AyotZj6xi5uiAdfURp1KdLXETBnkKtlUEKdNCqG70kHfH9vSfWkgLX_g6xt4JswDIj15ezmbcqpH-DOS6SeODudkw&cid=CAQSSwBpAlJW3-54IJuRAeLvyl9tsisvolk4emr2SFDbsbxeU5iFU74fbd02Tw0Cxa0xxVX_eobb8woGDJA_wvvUYdVG40eluOYDAvZ-MRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fenemonzo.org%2F&ds=l&xdt=1&iif=1&cor=68417033058826430&adk=1964084972&idt=133&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
3483d6f68a6c30819f29067311d2f9f7f33912e12f9f33e181600f00fedb4aff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11780
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7D84 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKSMIYzXFwSrhYodU0PEM7OL9LiucnvzT580q-f0Z8irZB1nQ42r8JwgxMMybTnzbt3yD2kEAEW1ww5NFeo77q8z6Y-oFSbDOohW-F9WwzO1ZhJ1KnRaj3TsBusRQtCaNHqJLL2wyqwRoHWjSXv7JhHh2pWCo3ZEZOrcvtZWBM99GMejY&cry=1&dbm_d=AKAmf-C6Xn5wtSFYAdpUxwaxEG6SToJYrFSI9NpZlJ9EUOJQdDIu32klLat5P7OeTvEw2caEwKGq-QFQn9ZPeIZ_f2-czWMI7OJlIom9ime0puKFN7sIEbjPjIUug_sFNWnOlVXDyprZWVpIa_0W7MQeb8wRX4KD5pYpldrxFADEh29umOtYMLmyONQbg-gP4eJ9EYM7bjmzOdC0XOjdMa-jinUiNnVrslfiKyh2PdomV-V9OkVTjXOfM7-9AHypNwY7Y3qCuidd8HY-6zFiM8DzTruA-bfz4Inu4hVyUZ14wvALL30IGBzXbIuYH7G26qbcCvyqeu9lQGWepFiyoTAi0Yd8TCWAJNY-GaFNRHSD4UqlmKjygPkVQRtQcO5GArR1wmWqUG4SUUVao2LJZOFKz0npEV0TjduJuoX7cEihhmI1scs1FOYMg8kFLu1PkPgzZN3CQU1GSd-99WQm-pPnN8aUWPaDtyucFDY_CZm91riRodY4Zxaz0b40se0rQlREfID1OOaHrXtpQ6rBLtIas0NxdJt0b3se5cVKXJYYO74btR2wwKrg8l1wxt5plQ_hNe8XuLOE1SIwpmWcI3rbN-nkNt6s3E87d-pCX3EEycqS47P2VO5voct0np0mVWhjZG91JadkoizBJAFXo0HyHpVoMdR9JQ4O4f5Xc-ey4FptH5Wy8zTaFCPIOKL8u2LHeqvjWN0Zx7E_OwYHm-9nv_O_gHtJSChtUX5Lqvler664iAAr2n5O6YlNpdwNemmkF71JVJ29ADpdM1EuC3nW44Vo6vz_x3GInM-41vhDMbHBlqUTzLfr3dUbR5RZNM1wO1HPGwxyBugfe3Rm9Fwk7xvjyQ_dkyMx13TCOsbnlEEWes-SN_3KeuZygiCdNlYEQyLzEWuZkSGjmKSwJbg_bJLNeS16F7qEvySRYiULGLtEkXxZUW9KaLJewd9wPGiEQxdPyGH_lNIZzArQHigw-EsYDwu4lNR1halwNoO5JzX56EVHWDFUAlMjlWjgFxwevqXwMXjcMm3_pbmbpjpma7Q-_fzXM45OPtIkFxPffrVLiFIWqDSctnfx95De52r6BC1m2EG_bOSWznK_kEtQLyuIm8C5DqHbE0D2bLDQ3qkYw3BFTTY1V4Pg-AsnHn5D24NT6yY0am09KHZqqZKLGWVXlje9ct7m3Or_vNMUaNck8E6sEoDLfT1epKvA3vUEdL9zkO4evxnFVIUjJFCdiFedC2TQ1oeN-JR6VaBCRYa1XmFo5txPE2Qu6LH5IyGuCiij5woyP19W5vR5pfCQ-bPwRfof3cTiqD-c8lTfM2C8KwarxmSIYn405lzmV8DpPOwnCGXkqOtMzvcGFFmALPbO1P7xx_V8aTqJ04N3rzaQVW1-j30YWJrP3oQ2u9mLl5hUynHK-Ya9jhwUeZl81vVRU4oI36rW96X0RH5pZtmmTSRD0G6Xd5gecaultVd8PZi2SPpBu2W1BRW7aM4OrXlJozW4C4WVMdHwpyAcASTm-Jy8VPh28zrKiC3KgVhvvWo2Qp1AIp7csNcyYoXdZeV8W5nUk9dSIMwGSwgD-OQheD4OJE6s3fOh0cWrEfuKRrSvCfqejQpYED0dWqEVfWaqUlr59yvPgseHO9KKdggbA6ABfV17IcwlB4jqzcLJeiNTW9zdmDcLCgBfjjNRxojk7IkRwNu8ehE7NahotS6eFzDn5EPHhofk4_wIfNfSn3fdOoSlVXAnzgWevL03bQijsHeTK1fSOHeOllCSCrjLdwyyGmqKw16-G70IZGX2ZlP2Bav6iONDAIuOkfD7y6DrklW8mLK4-By__tcBejm44n51rcm78cHtNUW21zAd_I-ptJcSxvP2ILX439mFlUlDMC7f9yXfW7l4RLAefOMyGeliKYqoe56Qw_PvHdaK3f-x_TMTR-O7MGNgkkGS-hj5MttiHE-0IlgBMMZQGGkkvkykA8EVLAvmsWeiO2a-3UbBvVCK39LVCY1EhsOv8zRl6CjXEm_2LeZGfGLOcAN6fb1KHKbjrVYbZnjrs5XoccXNL_69H5ZUW3XykX4Phz6LAckzxQCqkhmwdby0DxVa8RzWHlTUzKHffxObcJW8Xdf81Lyt2s5JmSSTjmQjZmIFipuLoLjn8baOcoGHzKZ1PNx_xkNPGFWrqq2mSLtS7b-wPZZgfPAzdJqbbPEJgKLjg1ypQleJGtN2mG-WYqP52hymA7-XCAfGO2ceCoW9yZjqmjkX4eJ0nKpuYdidT4aWHkv2TRtvJHHfuU40UGqFyd1twxni_FhF6GC9CDly2LwMmKE_4CbAD8aJ7HgZdEx08x3TaWJIhiNItHPvuPF2XQL08re_qsGCyaU0r7o6AvWSpoOCZlyPqkTwgNYQADSxKFlIRDBWKgGo8etkhW5ac3HPfDuc0wZTpHeiAKEXhKVqD98HfdmnQv_CYBCQwl3ZlBXn2F7std0ss747pakC8JaB_hiiRDgnf5DgZVqwNNaJDMcQYoytENPE-eNuejUardXwjPdyGpiCSG-DYv5g2_s4zDKrp-3rVsevpFFAc6pUg3Jr5Sgt9t0abirlNQpFfG7ZrzECz_nATCJs-WxLbBRUTnAXRfJeg_8cQ7oka39mmu24pt3_2C8YPaDNfhEA18d5-STR7g-Lsgalxn_mV1NXVOXafX-8aiUkwAjEP1YIiLToQOCfuMYGzQKGZfEy_J99ACVFkUPyRJEBzLOXHQamsP1_76f5uguGbtQ30yprmH9-Ol0sm5YMs8tUlxd_VJ50BwUAfZ_ifQCmj4roJoyfAEy8xdJgp1gL3Re1Woo8hyE0fPTSudLaT4adZjRfCwNtU3QTdAXXaF-sLuOxeaft1tqRyA_nlOLSjxpV46CgKa52oU3FyQzc9-k_2E9Py3-TdXFr4AEx8WvAAp2wOgfWxuKJQHKQ3TpaHpJBo2Dayw7wmbqnOY_j3CpoGWOG6-FnxZUMA05Q4tK_nXcBFMMyWBek8qf9zANZ9yCm-kKl2EZx-lq9HUAts_OtJlCZ-8jlCPQFfZz6ig0zpe7DTKF3a2cC6jJ-5b69JolcYOw1nVLgBpNik6QZ4mNu5Cnqh890eXK3ko7mEle7v9B3hhE50Fg2Ko6jPA5WB3NY9H6pcLDnCLtlq0AFxGhDWEQpg5gSErVZv6k6oHGaetLNanAokKvW56Ti1HUa9jnKtTMbGLyP8Y5h8eViVsUCgcrxJe1tTVC_TyDM4josXVdlPJVG-6IZ_gAsGZkYo4QNqmF3V57EyMUcBIPKre20iJUM-FInSA4SQ3P1NfUeT-ONlY9IYBn7MA2ZzjzB0q-e6WTqn3wSsE4neveVbd06ZYDQzDOeAqJsTh4leN8ZVMOHu3nCbj52cyrXIC8JPgx0k1VyMy-SdDBwOJxweZcGy1y6mUAnA48fxI1TJ_TIuRNxGac_Di60agmM0ZEQzlnHeb0KOCJbjkNN3fdxmSwPLZdh3SaWtHeoFmZJyKxWkrs_B-p9grNQtnPlNWSo2SBoDuwactDd6EaLxAGuX4f9SOi5yYAg5mWeBzWirSUCJWU2V6Ft2YfB2-Ui1p-BhAEb2zEV_VUlxoLo6BkBDCLpeIn1C2zoPF1M9YZ7aZoiYbJgiIvysDa9VuKxPYg_i2bcM98JTRIkUl9i50z-K9CI3OP5APA1nZRlYo_8rAZSO9KgAmFd-1qSz2Sp31slsfVorkfwxtm3WsoNz8HP1tWjfDaRsnrLbiAMaPZdezC1XY1Uwkh9g2FFlOdSAY9fajB0t04ueWlSwE3KSSWJqFQ0ZTLR2GvKtsOGXLuTyx0rWS9nv6filaalwHKBpi0yG6Kb7Q2D6AyotZj6xi5uiAdfURp1KdLXETBnkKtlUEKdNCqG70kHfH9vSfWkgLX_g6xt4JswDIj15ezmbcqpH-DOS6SeODudkw&cid=CAQSSwBpAlJW3-54IJuRAeLvyl9tsisvolk4emr2SFDbsbxeU5iFU74fbd02Tw0Cxa0xxVX_eobb8woGDJA_wvvUYdVG40eluOYDAvZ-MRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fenemonzo.org%2F&ds=l&xdt=1&iif=1&cor=68417033058826430&adk=1964084972&idt=133&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
470064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 03:41:15 GMT
5zyrr3xpcfb3
hal9000.redintelligence.net/zone/ Frame 7D84 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/5zyrr3xpcfb3?subid=&gdpr=&gdpr_consent=&rnd=1693491339314306&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeeGdi6DwZMKXE8HH7_UPpI2wCKblvaBpnZecp8kP8C4QASCqgMMiYJWCkIKgB8gBCakCFuxK2ltGsj6oAwHIA5sEqgTpAU_QrpU8x4wKD7Dqtl-Xvsm3NC97_gMzLKcaQsK73IayGfLIGZ2TP2I02XWWpCRUQmSgULBeSYSN-sABH2ERHg65mieW7b4EzJJ351GPVIPPi_xI1K92jK8CD01_ZhcIJ1mbCtk_9KoFlKJD40-4r3kNVcEAr8Fz-Vt5CNleOlCaH-QHIr20wpYJtYkhY_TmB0thsA2_YCc3jFe6HAIPif440x0JYRg_SKSQvkWnpBJ8OcDmHx_Gfp-mBIuKLr7udYHv5LimOM4c4BL11-R_eGTQ4YHskZ3vV5GnAQ875BqmDpx2r3X9q8oRwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIgonX7YqHgQMVweO7CB2kBgwBEAEYASAAEgIjDfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW3-54IJuRAeLvyl9tsisvolk4emr2SFDbsbxeU5iFU74fbd02Tw0Cxa0xxVX_eobb8woGDJA_wvvUYdVG40eluOYDAvZ-MRgB%26sig%3DAOD64_1xgyI-3PcGRGvFGrFwhYvoP8dflA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CO2UgWSoLg38U8ARus4L4zcs828U22Lyzetb72yAfhEIJf7GOaB4fa0Q4PJmXLT3Kz9_3bvj0kfTFehzWEGld5luTT3b89vEyGnzaoyJw0xNXKz1fp7sBzu58cLMJCCKnWGJ2hGLs_FmgyCsHJLzYOawQv8kSezp65FRDeJRMeeTc0LVc%26cry%3D1%26dbm_d%3DAKAmf-AXhJhF1-SJHPGGcSnIt3ABEFabfisjXBHiFE2O2BZq3HoPb7-azSO232f7d0v1mQJOp9msC28TnfQsn5DkQWUj25sniJNHNJ6eF_8GILdz27GoTxWZLXk7ElQ76MBUlbeuusm2xKhxWSELmEaJLJrfZakrtcpNA5eT3flI_MNFsBBVjZ_hM8TYaiqezgyhnGoSHPNFuMaXtfNr1_oWO4deHZT0pC806Rd6AqwV3JCItMApJ-VTStbhMELDT4F7WlezeaoYkDxJeqJM8zxT0ar9GsHqQI3HNt7XaWlzp2X2CLIgcJrWyZEWGD93O_E67frg2gLY0Vb6poZWLKXr52rwuzwYKw8uvvuMSkdjcZ44FBK5MQBouDh5ScTSeKiKY4gLZRdfrmSfpjz0Nnp1jv8YtxBdfzqszsG0SzRRmBlExuz2mDUpyBDGLUyRvA7f4n-3Z0oVkaXXUlA6nPstW5x280gzCwrmwuineBJCXhEEzjJM3CpB7TXWhYp0BxCvfuQTfslTIBU7nCVupdKKyI3RZSxMcGO5UOSjgEpYbkMWdkxp5DU%26adurl%3D
Requested by
Host: ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
URL: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
d40e53fbe3925e58b4c266043a1c592d08e80def92c79300a4277e099de98dab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 14:15:39 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4220
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C127 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
373434
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 06:31:45 GMT
expires
Mon, 26 Aug 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cZSlmfR8SDt076FNoYIuLG5p7zquw_7CpDxGN0dSu4o.js
pagead2.googlesyndication.com/bg/ Frame C127 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/cZSlmfR8SDt076FNoYIuLG5p7zquw_7CpDxGN0dSu4o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7194a599f47c483b74efa14da1822e2c6e69ef3aaec3fec2a43c46374752bb8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:29:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
171958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14792
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:29:41 GMT
request.php
hal900013.redintelligence.net/ Frame 7D84
Redirect Chain
  • https://hal900013.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=2e41c06b24&subid=&uid=163c8ba5009c2c38&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900013.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=2e41c06b24&subid=&uid=163c8ba5009c2c38&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900013.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=2e41c06b24&subid=&uid=163c8ba5009c2c38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeeGdi6DwZMKXE8HH7_UPpI2wCKblvaBpnZecp8kP8C4QASCqgMMiYJWCkIKgB8gBCakCFuxK2ltGsj6oAwHIA5sEqgTpAU_QrpU8x4wKD7Dqtl-Xvsm3NC97_gMzLKcaQsK73IayGfLIGZ2TP2I02XWWpCRUQmSgULBeSYSN-sABH2ERHg65mieW7b4EzJJ351GPVIPPi_xI1K92jK8CD01_ZhcIJ1mbCtk_9KoFlKJD40-4r3kNVcEAr8Fz-Vt5CNleOlCaH-QHIr20wpYJtYkhY_TmB0thsA2_YCc3jFe6HAIPif440x0JYRg_SKSQvkWnpBJ8OcDmHx_Gfp-mBIuKLr7udYHv5LimOM4c4BL11-R_eGTQ4YHskZ3vV5GnAQ875BqmDpx2r3X9q8oRwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIgonX7YqHgQMVweO7CB2kBgwBEAEYASAAEgIjDfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW3-54IJuRAeLvyl9tsisvolk4emr2SFDbsbxeU5iFU74fbd02Tw0Cxa0xxVX_eobb8woGDJA_wvvUYdVG40eluOYDAvZ-MRgB%26sig%3DAOD64_1xgyI-3PcGRGvFGrFwhYvoP8dflA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CO2UgWSoLg38U8ARus4L4zcs828U22Lyzetb72yAfhEIJf7GOaB4fa0Q4PJmXLT3Kz9_3bvj0kfTFehzWEGld5luTT3b89vEyGnzaoyJw0xNXKz1fp7sBzu58cLMJCCKnWGJ2hGLs_FmgyCsHJLzYOawQv8kSezp65FRDeJRMeeTc0LVc%26cry%3D1%26dbm_d%3DAKAmf-AXhJhF1-SJHPGGcSnIt3ABEFabfisjXBHiFE2O2BZq3HoPb7-azSO232f7d0v1mQJOp9msC28TnfQsn5DkQWUj25sniJNHNJ6eF_8GILdz27GoTxWZLXk7ElQ76MBUlbeuusm2xKhxWSELmEaJLJrfZakrtcpNA5eT3flI_MNFsBBVjZ_hM8TYaiqezgyhnGoSHPNFuMaXtfNr1_oWO4deHZT0pC806Rd6AqwV3JCItMApJ-VTStbhMELDT4F7WlezeaoYkDxJeqJM8zxT0ar9GsHqQI3HNt7XaWlzp2X2CLIgcJrWyZEWGD93O_E67frg2gLY0Vb6poZWLKXr52rwuzwYKw8uvvuMSkdjcZ44FBK5MQBouDh5ScTSeKiKY4gLZRdfrmSfpjz0Nnp1jv8YtxBdfzqszsG0SzRRmBlExuz2mDUpyBDGLUyRvA7f4n-3Z0oVkaXXUlA6nPstW5x280gzCwrmwuineBJCXhEEzjJM3CpB7TXWhYp0BxCvfuQTfslTIBU7nCVupdKKyI3RZSxMcGO5UOSjgEpYbkMWdkxp5DU%26adurl%3D&documentReferer=https%3A%2F%2Fenemonzo.org%2F&ancestorOrigins=https%3A%2F%2Fenemonzo.org&random=7199592629866&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by
Host: ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
URL: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
116.202.48.214 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
653024ebb7a1c3cb65eb5ddf3359ebc8670f4211a32f8f9b1faf5e89b5e7c4e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Aug 2023 14:15:39 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
84135800121745704445002012433013
Connection
close
Content-Length
1188
Expires
Thu, 31 Aug 2023 15:15:39 +0200

Redirect headers

Pragma
no-cache
Date
Thu, 31 Aug 2023 14:15:39 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=2e41c06b24&subid=&uid=163c8ba5009c2c38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeeGdi6DwZMKXE8HH7_UPpI2wCKblvaBpnZecp8kP8C4QASCqgMMiYJWCkIKgB8gBCakCFuxK2ltGsj6oAwHIA5sEqgTpAU_QrpU8x4wKD7Dqtl-Xvsm3NC97_gMzLKcaQsK73IayGfLIGZ2TP2I02XWWpCRUQmSgULBeSYSN-sABH2ERHg65mieW7b4EzJJ351GPVIPPi_xI1K92jK8CD01_ZhcIJ1mbCtk_9KoFlKJD40-4r3kNVcEAr8Fz-Vt5CNleOlCaH-QHIr20wpYJtYkhY_TmB0thsA2_YCc3jFe6HAIPif440x0JYRg_SKSQvkWnpBJ8OcDmHx_Gfp-mBIuKLr7udYHv5LimOM4c4BL11-R_eGTQ4YHskZ3vV5GnAQ875BqmDpx2r3X9q8oRwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIgonX7YqHgQMVweO7CB2kBgwBEAEYASAAEgIjDfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW3-54IJuRAeLvyl9tsisvolk4emr2SFDbsbxeU5iFU74fbd02Tw0Cxa0xxVX_eobb8woGDJA_wvvUYdVG40eluOYDAvZ-MRgB%26sig%3DAOD64_1xgyI-3PcGRGvFGrFwhYvoP8dflA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CO2UgWSoLg38U8ARus4L4zcs828U22Lyzetb72yAfhEIJf7GOaB4fa0Q4PJmXLT3Kz9_3bvj0kfTFehzWEGld5luTT3b89vEyGnzaoyJw0xNXKz1fp7sBzu58cLMJCCKnWGJ2hGLs_FmgyCsHJLzYOawQv8kSezp65FRDeJRMeeTc0LVc%26cry%3D1%26dbm_d%3DAKAmf-AXhJhF1-SJHPGGcSnIt3ABEFabfisjXBHiFE2O2BZq3HoPb7-azSO232f7d0v1mQJOp9msC28TnfQsn5DkQWUj25sniJNHNJ6eF_8GILdz27GoTxWZLXk7ElQ76MBUlbeuusm2xKhxWSELmEaJLJrfZakrtcpNA5eT3flI_MNFsBBVjZ_hM8TYaiqezgyhnGoSHPNFuMaXtfNr1_oWO4deHZT0pC806Rd6AqwV3JCItMApJ-VTStbhMELDT4F7WlezeaoYkDxJeqJM8zxT0ar9GsHqQI3HNt7XaWlzp2X2CLIgcJrWyZEWGD93O_E67frg2gLY0Vb6poZWLKXr52rwuzwYKw8uvvuMSkdjcZ44FBK5MQBouDh5ScTSeKiKY4gLZRdfrmSfpjz0Nnp1jv8YtxBdfzqszsG0SzRRmBlExuz2mDUpyBDGLUyRvA7f4n-3Z0oVkaXXUlA6nPstW5x280gzCwrmwuineBJCXhEEzjJM3CpB7TXWhYp0BxCvfuQTfslTIBU7nCVupdKKyI3RZSxMcGO5UOSjgEpYbkMWdkxp5DU%26adurl%3D&documentReferer=https%3A%2F%2Fenemonzo.org%2F&ancestorOrigins=https%3A%2F%2Fenemonzo.org&random=7199592629866&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 31 Aug 2023 15:15:39 +0200
gen_204
pagead2.googlesyndication.com/pagead/ Frame C127 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3LqVi6DwZJOeMqSQjuwP9ZqrKAAAAAA4AeAEAg&bg=!PD-lP3DNAAZnwVY5R8E7ADQBe5WfOBei036ti63T6na9_j5l071_TW-rOYtuO_vDoZN5o7OZQ3xMj0N2yPhGEHQcsmsYAgAAAF1SAAAAEWgBB5kDEEiyUlcyvYqkG8OyLvvARtdx_EXO4PYqUkXS85L8ZJehld0wjTyTh2pH9PwzlKAWUj_G5ejxiD2SC2oMy1dczVN7dSns_dCFY5RTy4F9UO7YfAlrvQgUnkjqGKtKfy2CasZO7qaWudkdQ9PYt0c1OZdeDKqEOMWVgUKbnIU3DnI-bFj9exE9ppkEV3eyuPCktE1xkY-2LUrDbGReaFOjXxK1rgQuPCtf9ga2KLOyQUFdbmvj9ouo240hN-Q9cGKV4v4N51oEjqHATjTyhsLeKO5zlDd5eNhCiNGKMweuw0eD6x-MBy5UlvV1UPVUyBPYMI-1wSVq63fPo30OoI11sWcgXrqrpU9xroAVcci7K--ECaQLQzlXD2N5KX_fSwbfB9IIIRTcYsY3p3SCZYLgk6EHuWdeLkiSpjlybKm2_24UBI4CFBxjN8r1X5bmBh7p02zF740Nc10_aRL79fUzXUvgM3HjUhI6pVMUMJ9EjXyRDBoq2FTs86WonpDV3VqFHr82C4B19EvpS15NF2wAksrNcq8nZ9MGJwyCTSrkt11GqaiJTIfz8mLz2xf5aw53ZjxFpSQyxXWhHeZj3at5FY7q_EaZKNTTh1_7osDQ45O1dQEKZOvJruYHf3WLSZVmQjZHX900uBhSVb-4vyFSK2BR03AegJXNXx0bxq9L57n5Hm-UzprDZncwzpI8lb_BgnPUt0qnZEMpuT13pRghmjAV_ZmBoCdnfVlwcDsgvtjl2Im_YTdVffo0u741Fxgg0BycTeDUWrNajFitAGFzAqMNlOp7dheCCuuR3LLFBBczWux2I5SXiTkg1d9u67gRNMy51CNORH9gOa5OpTB8efMe0GZSlKfz48sQcqk2Y_KDoWPbG41V4_SQvop4YoldQ-QmEOGxAgwVHaunoK4gSWkujYQLmnJ8HjdH3nJTSGV6NruUDDuHZCm5lK1HfyL7ZIW8bKnvkTMEKgygvDI8hgPSOodQ1HQstGbKJAmo5ZSA0qgt5WntrLxtCqdI2y9KYeUFMO-A6NR_lzZt4bQlaHg
Requested by
Host: ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
URL: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 2C4A 		0
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=84135800121745704445002012433013&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=2e41c06b24&subid=&uid=163c8ba5009c2c38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeeGdi6DwZMKXE8HH7_UPpI2wCKblvaBpnZecp8kP8C4QASCqgMMiYJWCkIKgB8gBCakCFuxK2ltGsj6oAwHIA5sEqgTpAU_QrpU8x4wKD7Dqtl-Xvsm3NC97_gMzLKcaQsK73IayGfLIGZ2TP2I02XWWpCRUQmSgULBeSYSN-sABH2ERHg65mieW7b4EzJJ351GPVIPPi_xI1K92jK8CD01_ZhcIJ1mbCtk_9KoFlKJD40-4r3kNVcEAr8Fz-Vt5CNleOlCaH-QHIr20wpYJtYkhY_TmB0thsA2_YCc3jFe6HAIPif440x0JYRg_SKSQvkWnpBJ8OcDmHx_Gfp-mBIuKLr7udYHv5LimOM4c4BL11-R_eGTQ4YHskZ3vV5GnAQ875BqmDpx2r3X9q8oRwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIgonX7YqHgQMVweO7CB2kBgwBEAEYASAAEgIjDfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW3-54IJuRAeLvyl9tsisvolk4emr2SFDbsbxeU5iFU74fbd02Tw0Cxa0xxVX_eobb8woGDJA_wvvUYdVG40eluOYDAvZ-MRgB%26sig%3DAOD64_1xgyI-3PcGRGvFGrFwhYvoP8dflA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CO2UgWSoLg38U8ARus4L4zcs828U22Lyzetb72yAfhEIJf7GOaB4fa0Q4PJmXLT3Kz9_3bvj0kfTFehzWEGld5luTT3b89vEyGnzaoyJw0xNXKz1fp7sBzu58cLMJCCKnWGJ2hGLs_FmgyCsHJLzYOawQv8kSezp65FRDeJRMeeTc0LVc%26cry%3D1%26dbm_d%3DAKAmf-AXhJhF1-SJHPGGcSnIt3ABEFabfisjXBHiFE2O2BZq3HoPb7-azSO232f7d0v1mQJOp9msC28TnfQsn5DkQWUj25sniJNHNJ6eF_8GILdz27GoTxWZLXk7ElQ76MBUlbeuusm2xKhxWSELmEaJLJrfZakrtcpNA5eT3flI_MNFsBBVjZ_hM8TYaiqezgyhnGoSHPNFuMaXtfNr1_oWO4deHZT0pC806Rd6AqwV3JCItMApJ-VTStbhMELDT4F7WlezeaoYkDxJeqJM8zxT0ar9GsHqQI3HNt7XaWlzp2X2CLIgcJrWyZEWGD93O_E67frg2gLY0Vb6poZWLKXr52rwuzwYKw8uvvuMSkdjcZ44FBK5MQBouDh5ScTSeKiKY4gLZRdfrmSfpjz0Nnp1jv8YtxBdfzqszsG0SzRRmBlExuz2mDUpyBDGLUyRvA7f4n-3Z0oVkaXXUlA6nPstW5x280gzCwrmwuineBJCXhEEzjJM3CpB7TXWhYp0BxCvfuQTfslTIBU7nCVupdKKyI3RZSxMcGO5UOSjgEpYbkMWdkxp5DU%26adurl%3D&documentReferer=https%3A%2F%2Fenemonzo.org%2F&ancestorOrigins=https%3A%2F%2Fenemonzo.org&random=7199592629866&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Content-Length
0
Content-Type
application/javascript; charset=utf-8
Date
Thu, 31 Aug 2023 14:15:40 GMT
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
Server
nginx
Strict-Transport-Security
max-age=15768000
Vary
Origin
X-IPLB-Instance
40027
X-IPLB-Request-ID
8AC72685:8446_91EFC182:01BB_64F0A08C_A194929:22023
htlp
futalis.de/ Frame A660
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=84135800121745704445002012433013&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3040021425
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3040021425
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=2e41c06b24&subid=&uid=163c8ba5009c2c38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeeGdi6DwZMKXE8HH7_UPpI2wCKblvaBpnZecp8kP8C4QASCqgMMiYJWCkIKgB8gBCakCFuxK2ltGsj6oAwHIA5sEqgTpAU_QrpU8x4wKD7Dqtl-Xvsm3NC97_gMzLKcaQsK73IayGfLIGZ2TP2I02XWWpCRUQmSgULBeSYSN-sABH2ERHg65mieW7b4EzJJ351GPVIPPi_xI1K92jK8CD01_ZhcIJ1mbCtk_9KoFlKJD40-4r3kNVcEAr8Fz-Vt5CNleOlCaH-QHIr20wpYJtYkhY_TmB0thsA2_YCc3jFe6HAIPif440x0JYRg_SKSQvkWnpBJ8OcDmHx_Gfp-mBIuKLr7udYHv5LimOM4c4BL11-R_eGTQ4YHskZ3vV5GnAQ875BqmDpx2r3X9q8oRwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIgonX7YqHgQMVweO7CB2kBgwBEAEYASAAEgIjDfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW3-54IJuRAeLvyl9tsisvolk4emr2SFDbsbxeU5iFU74fbd02Tw0Cxa0xxVX_eobb8woGDJA_wvvUYdVG40eluOYDAvZ-MRgB%26sig%3DAOD64_1xgyI-3PcGRGvFGrFwhYvoP8dflA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CO2UgWSoLg38U8ARus4L4zcs828U22Lyzetb72yAfhEIJf7GOaB4fa0Q4PJmXLT3Kz9_3bvj0kfTFehzWEGld5luTT3b89vEyGnzaoyJw0xNXKz1fp7sBzu58cLMJCCKnWGJ2hGLs_FmgyCsHJLzYOawQv8kSezp65FRDeJRMeeTc0LVc%26cry%3D1%26dbm_d%3DAKAmf-AXhJhF1-SJHPGGcSnIt3ABEFabfisjXBHiFE2O2BZq3HoPb7-azSO232f7d0v1mQJOp9msC28TnfQsn5DkQWUj25sniJNHNJ6eF_8GILdz27GoTxWZLXk7ElQ76MBUlbeuusm2xKhxWSELmEaJLJrfZakrtcpNA5eT3flI_MNFsBBVjZ_hM8TYaiqezgyhnGoSHPNFuMaXtfNr1_oWO4deHZT0pC806Rd6AqwV3JCItMApJ-VTStbhMELDT4F7WlezeaoYkDxJeqJM8zxT0ar9GsHqQI3HNt7XaWlzp2X2CLIgcJrWyZEWGD93O_E67frg2gLY0Vb6poZWLKXr52rwuzwYKw8uvvuMSkdjcZ44FBK5MQBouDh5ScTSeKiKY4gLZRdfrmSfpjz0Nnp1jv8YtxBdfzqszsG0SzRRmBlExuz2mDUpyBDGLUyRvA7f4n-3Z0oVkaXXUlA6nPstW5x280gzCwrmwuineBJCXhEEzjJM3CpB7TXWhYp0BxCvfuQTfslTIBU7nCVupdKKyI3RZSxMcGO5UOSjgEpYbkMWdkxp5DU%26adurl%3D&documentReferer=https%3A%2F%2Fenemonzo.org%2F&ancestorOrigins=https%3A%2F%2Fenemonzo.org&random=7199592629866&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-1.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 31 Aug 2023 14:15:40 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3040021425
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 7D84 		0
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=84135800121745704445002012433013&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=2e41c06b24&subid=&uid=163c8ba5009c2c38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeeGdi6DwZMKXE8HH7_UPpI2wCKblvaBpnZecp8kP8C4QASCqgMMiYJWCkIKgB8gBCakCFuxK2ltGsj6oAwHIA5sEqgTpAU_QrpU8x4wKD7Dqtl-Xvsm3NC97_gMzLKcaQsK73IayGfLIGZ2TP2I02XWWpCRUQmSgULBeSYSN-sABH2ERHg65mieW7b4EzJJ351GPVIPPi_xI1K92jK8CD01_ZhcIJ1mbCtk_9KoFlKJD40-4r3kNVcEAr8Fz-Vt5CNleOlCaH-QHIr20wpYJtYkhY_TmB0thsA2_YCc3jFe6HAIPif440x0JYRg_SKSQvkWnpBJ8OcDmHx_Gfp-mBIuKLr7udYHv5LimOM4c4BL11-R_eGTQ4YHskZ3vV5GnAQ875BqmDpx2r3X9q8oRwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIgonX7YqHgQMVweO7CB2kBgwBEAEYASAAEgIjDfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW3-54IJuRAeLvyl9tsisvolk4emr2SFDbsbxeU5iFU74fbd02Tw0Cxa0xxVX_eobb8woGDJA_wvvUYdVG40eluOYDAvZ-MRgB%26sig%3DAOD64_1xgyI-3PcGRGvFGrFwhYvoP8dflA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CO2UgWSoLg38U8ARus4L4zcs828U22Lyzetb72yAfhEIJf7GOaB4fa0Q4PJmXLT3Kz9_3bvj0kfTFehzWEGld5luTT3b89vEyGnzaoyJw0xNXKz1fp7sBzu58cLMJCCKnWGJ2hGLs_FmgyCsHJLzYOawQv8kSezp65FRDeJRMeeTc0LVc%26cry%3D1%26dbm_d%3DAKAmf-AXhJhF1-SJHPGGcSnIt3ABEFabfisjXBHiFE2O2BZq3HoPb7-azSO232f7d0v1mQJOp9msC28TnfQsn5DkQWUj25sniJNHNJ6eF_8GILdz27GoTxWZLXk7ElQ76MBUlbeuusm2xKhxWSELmEaJLJrfZakrtcpNA5eT3flI_MNFsBBVjZ_hM8TYaiqezgyhnGoSHPNFuMaXtfNr1_oWO4deHZT0pC806Rd6AqwV3JCItMApJ-VTStbhMELDT4F7WlezeaoYkDxJeqJM8zxT0ar9GsHqQI3HNt7XaWlzp2X2CLIgcJrWyZEWGD93O_E67frg2gLY0Vb6poZWLKXr52rwuzwYKw8uvvuMSkdjcZ44FBK5MQBouDh5ScTSeKiKY4gLZRdfrmSfpjz0Nnp1jv8YtxBdfzqszsG0SzRRmBlExuz2mDUpyBDGLUyRvA7f4n-3Z0oVkaXXUlA6nPstW5x280gzCwrmwuineBJCXhEEzjJM3CpB7TXWhYp0BxCvfuQTfslTIBU7nCVupdKKyI3RZSxMcGO5UOSjgEpYbkMWdkxp5DU%26adurl%3D&documentReferer=https%3A%2F%2Fenemonzo.org%2F&ancestorOrigins=https%3A%2F%2Fenemonzo.org&random=7199592629866&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 14:15:40 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Host
pv.medialead.de
X-IPLB-Request-ID
8AC72685:8448_91EFC182:01BB_64F0A08C_A26706B:B82C
X-IPLB-Instance
40028
Vary
Origin
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Access-Control-Allow-Credentials
true
Content-Length
0
Proxy-Host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 7D84 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=84135800121745704445002012433013&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=2e41c06b24&subid=&uid=163c8ba5009c2c38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeeGdi6DwZMKXE8HH7_UPpI2wCKblvaBpnZecp8kP8C4QASCqgMMiYJWCkIKgB8gBCakCFuxK2ltGsj6oAwHIA5sEqgTpAU_QrpU8x4wKD7Dqtl-Xvsm3NC97_gMzLKcaQsK73IayGfLIGZ2TP2I02XWWpCRUQmSgULBeSYSN-sABH2ERHg65mieW7b4EzJJ351GPVIPPi_xI1K92jK8CD01_ZhcIJ1mbCtk_9KoFlKJD40-4r3kNVcEAr8Fz-Vt5CNleOlCaH-QHIr20wpYJtYkhY_TmB0thsA2_YCc3jFe6HAIPif440x0JYRg_SKSQvkWnpBJ8OcDmHx_Gfp-mBIuKLr7udYHv5LimOM4c4BL11-R_eGTQ4YHskZ3vV5GnAQ875BqmDpx2r3X9q8oRwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIgonX7YqHgQMVweO7CB2kBgwBEAEYASAAEgIjDfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW3-54IJuRAeLvyl9tsisvolk4emr2SFDbsbxeU5iFU74fbd02Tw0Cxa0xxVX_eobb8woGDJA_wvvUYdVG40eluOYDAvZ-MRgB%26sig%3DAOD64_1xgyI-3PcGRGvFGrFwhYvoP8dflA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CO2UgWSoLg38U8ARus4L4zcs828U22Lyzetb72yAfhEIJf7GOaB4fa0Q4PJmXLT3Kz9_3bvj0kfTFehzWEGld5luTT3b89vEyGnzaoyJw0xNXKz1fp7sBzu58cLMJCCKnWGJ2hGLs_FmgyCsHJLzYOawQv8kSezp65FRDeJRMeeTc0LVc%26cry%3D1%26dbm_d%3DAKAmf-AXhJhF1-SJHPGGcSnIt3ABEFabfisjXBHiFE2O2BZq3HoPb7-azSO232f7d0v1mQJOp9msC28TnfQsn5DkQWUj25sniJNHNJ6eF_8GILdz27GoTxWZLXk7ElQ76MBUlbeuusm2xKhxWSELmEaJLJrfZakrtcpNA5eT3flI_MNFsBBVjZ_hM8TYaiqezgyhnGoSHPNFuMaXtfNr1_oWO4deHZT0pC806Rd6AqwV3JCItMApJ-VTStbhMELDT4F7WlezeaoYkDxJeqJM8zxT0ar9GsHqQI3HNt7XaWlzp2X2CLIgcJrWyZEWGD93O_E67frg2gLY0Vb6poZWLKXr52rwuzwYKw8uvvuMSkdjcZ44FBK5MQBouDh5ScTSeKiKY4gLZRdfrmSfpjz0Nnp1jv8YtxBdfzqszsG0SzRRmBlExuz2mDUpyBDGLUyRvA7f4n-3Z0oVkaXXUlA6nPstW5x280gzCwrmwuineBJCXhEEzjJM3CpB7TXWhYp0BxCvfuQTfslTIBU7nCVupdKKyI3RZSxMcGO5UOSjgEpYbkMWdkxp5DU%26adurl%3D&documentReferer=https%3A%2F%2Fenemonzo.org%2F&ancestorOrigins=https%3A%2F%2Fenemonzo.org&random=7199592629866&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 14:15:40 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Host
pv.medialead.de
X-IPLB-Request-ID
8AC72685:8444_91EFC182:01BB_64F0A08C_A1AE691:22021
X-IPLB-Instance
40027
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Access-Control-Allow-Credentials
true
Content-Length
43
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 7D84 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=84135800121745704445002012433013&pv=1
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=2e41c06b24&subid=&uid=163c8ba5009c2c38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeeGdi6DwZMKXE8HH7_UPpI2wCKblvaBpnZecp8kP8C4QASCqgMMiYJWCkIKgB8gBCakCFuxK2ltGsj6oAwHIA5sEqgTpAU_QrpU8x4wKD7Dqtl-Xvsm3NC97_gMzLKcaQsK73IayGfLIGZ2TP2I02XWWpCRUQmSgULBeSYSN-sABH2ERHg65mieW7b4EzJJ351GPVIPPi_xI1K92jK8CD01_ZhcIJ1mbCtk_9KoFlKJD40-4r3kNVcEAr8Fz-Vt5CNleOlCaH-QHIr20wpYJtYkhY_TmB0thsA2_YCc3jFe6HAIPif440x0JYRg_SKSQvkWnpBJ8OcDmHx_Gfp-mBIuKLr7udYHv5LimOM4c4BL11-R_eGTQ4YHskZ3vV5GnAQ875BqmDpx2r3X9q8oRwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIgonX7YqHgQMVweO7CB2kBgwBEAEYASAAEgIjDfD_BwE%26num%3D1%26cid%3DCAQSSwBpAlJW3-54IJuRAeLvyl9tsisvolk4emr2SFDbsbxeU5iFU74fbd02Tw0Cxa0xxVX_eobb8woGDJA_wvvUYdVG40eluOYDAvZ-MRgB%26sig%3DAOD64_1xgyI-3PcGRGvFGrFwhYvoP8dflA%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CO2UgWSoLg38U8ARus4L4zcs828U22Lyzetb72yAfhEIJf7GOaB4fa0Q4PJmXLT3Kz9_3bvj0kfTFehzWEGld5luTT3b89vEyGnzaoyJw0xNXKz1fp7sBzu58cLMJCCKnWGJ2hGLs_FmgyCsHJLzYOawQv8kSezp65FRDeJRMeeTc0LVc%26cry%3D1%26dbm_d%3DAKAmf-AXhJhF1-SJHPGGcSnIt3ABEFabfisjXBHiFE2O2BZq3HoPb7-azSO232f7d0v1mQJOp9msC28TnfQsn5DkQWUj25sniJNHNJ6eF_8GILdz27GoTxWZLXk7ElQ76MBUlbeuusm2xKhxWSELmEaJLJrfZakrtcpNA5eT3flI_MNFsBBVjZ_hM8TYaiqezgyhnGoSHPNFuMaXtfNr1_oWO4deHZT0pC806Rd6AqwV3JCItMApJ-VTStbhMELDT4F7WlezeaoYkDxJeqJM8zxT0ar9GsHqQI3HNt7XaWlzp2X2CLIgcJrWyZEWGD93O_E67frg2gLY0Vb6poZWLKXr52rwuzwYKw8uvvuMSkdjcZ44FBK5MQBouDh5ScTSeKiKY4gLZRdfrmSfpjz0Nnp1jv8YtxBdfzqszsG0SzRRmBlExuz2mDUpyBDGLUyRvA7f4n-3Z0oVkaXXUlA6nPstW5x280gzCwrmwuineBJCXhEEzjJM3CpB7TXWhYp0BxCvfuQTfslTIBU7nCVupdKKyI3RZSxMcGO5UOSjgEpYbkMWdkxp5DU%26adurl%3D&documentReferer=https%3A%2F%2Fenemonzo.org%2F&ancestorOrigins=https%3A%2F%2Fenemonzo.org&random=7199592629866&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.170.194 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-170-194.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Aug 2023 14:15:40 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=3633781578011318&bg=!wcKlwo3NAAYHwnCgJ8I7ADQBe5WfONpULXVcmdjoAn7HluyCZC59NIe9gU0Pri7bJes6pwauf80L-LjQozY6SSqIVH2cAgAAAHJSAAAAB2gBB5kCtOKjgrO8e024YlVZwEGppU5HqIb5LXQIPuidTmY8n3SxZrVIxVFh28_RqxlUqMCByNRUZfzeLFh2PhpNffSudKyLxoNrEnxH1SSdqd6CEeTZh3jlExnt6EMJNYaheL0gLJkOaeI5_E4MEbxI-M7ekkc4N-lr2jQJShmKp_-pPVrES0z35Wnu87-eFpyxrajG5UGtFKP391u3Oazf4b7mqRrQTVvTx6pewjwYeOm9rgy8zQNnP1GIwhzDDNh0xfczxoeDUOl03HUZDD_dxyYqr9PMuyHQDf5_KyqB6h81DvLb-1yclfCHAF3uk99u4wv7Qk_FtsuJYfPhiH8Qrp2Yy6-LWadJM2irz9FwoiBBorUH_0toMgNq0sdjvxAaw75D-kuv60w4w3MAKcMnnotQBasowqwoFNj1I6IclTkYk9G9s-TCvNdTpYjjvjfY6sLQ5si0HLMYyEc-mPXVcIXThVnUazSn72BRSvXjQNZaQ4HqncD1g-H8ebof3bQtc9-TEM3ufPwn3hpDaxCfXrrfvcshAn4TkemirWAjaPzBSJL1ZeYKlecGhEq4vs0W9soc_rrG7iuuYNw3ms88Ee6__xz8gXZh844g2FQ262MJ-oI-tUvQiCOTs8x53-c1bK9Z9Al3hw69LCy5lQio2-B3DRgjskKYvpu51qpFO_m5O8jniailvdKdJktQqxFqalDPgCpX6L9LLOh_WjdCJyWxxET4IxYZ72_21tLKv990OZx3Wg5ZWXbo8xuvasS9aiPas-X2hxvHEKHamcrn1UDLDTYpzh6vKGHOjtbSfTk8egbXr8OE1kB3Zj0Tjcik9stkOl1kFW1vbmqkV2QXA-rt810l3OfvvHDmxDncx2uuctMf8Id08RPXKcbeIaG08fFagDOz7-jU1xFpDiA_IzhcfU1ucuFi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://enemonzo.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
ts.js
cdn.retailads.net/ Frame A660 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3040021425
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:15:40 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
activityi;dc_pre=CP7hkO6Kh4EDFcOlnwodXwkKNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5714464399518.293
5994599.fls.doubleclick.net/ Frame 6998
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5714464399518.293?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CP7hkO6Kh4EDFcOlnwodXwkKNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5714464399518.293?
391 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP7hkO6Kh4EDFcOlnwodXwkKNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5714464399518.293?
Requested by
Host: ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
URL: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
bc170120edbc021fe24791298229094d3e58ef63f3a28cc239ee32f5722b7658
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
216
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 14:15:40 GMT
expires
Thu, 31 Aug 2023 14:15:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 14:15:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP7hkO6Kh4EDFcOlnwodXwkKNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5714464399518.293?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900013.redintelligence.net/ Frame 932E 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900013.redintelligence.net/request_content.php?s=84135800121745704445002012433013&a=00322a5a
Requested by
Host: ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
URL: https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
06bf0d8c0d9b6a9ca0d86cef2309d8679a203ce17e3add848f0b7a74c3d94b2f

Request headers

Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2057
Content-Type
text/html; charset=utf-8
Date
Thu, 31 Aug 2023 14:15:40 GMT
Expires
Thu, 31 Aug 2023 15:15:40 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
css
fonts.googleapis.com/ Frame 932E 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=84135800121745704445002012433013&a=00322a5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 31 Aug 2023 14:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 12:33:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Aug 2023 14:15:40 GMT
/
hal9000.redintelligence.net/scale/ Frame 932E 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=84135800121745704445002012433013&a=00322a5a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4dbce83195b68417c710c8579a624bc16e683e9757fcf0919f3694166395ed46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 14:15:40 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16983
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 932E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=84135800121745704445002012433013&a=00322a5a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
71600be7824002f8da4bd83bc351cf7a23399d28e971f0a902ec43d60a1ab7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 14:15:40 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10939
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 932E 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=84135800121745704445002012433013&a=00322a5a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
93897d127a9df345444878611a6b8849cdee700893b89e273f9451e2ca376143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 14:15:40 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12998
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal900013.redintelligence.net/ Frame 932E 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900013.redintelligence.net/viewability?s=84135800121745704445002012433013&a=a209c2b9&vb=m
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=84135800121745704445002012433013&a=00322a5a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Schoenwalde, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/request_content.php?s=84135800121745704445002012433013&a=00322a5a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 14:15:40 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
dc_pre=CP7hkO6Kh4EDFcOlnwodXwkKNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5714464399518.293
adservice.google.com/ddm/fls/z/ Frame 6998 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP7hkO6Kh4EDFcOlnwodXwkKNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5714464399518.293
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP7hkO6Kh4EDFcOlnwodXwkKNA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5714464399518.293?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D84 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8367730030719&version=m202307240101&ct=77&x=1&cor=68417033058826430
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fenemonzo.org%2F&domain=enemonzo.org&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://enemonzo.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://enemonzo.org
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 31 Aug 2023 14:15:41 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
217676
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fenemonzo.org%2F&domain=enemonzo.org&cw=1&pbt=1&lsw=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://enemonzo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://enemonzo.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
238838
expires
0
rid
match.adsrvr.org/track/ 		63 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
cc53dcd2503a2d148541adefec8b435d38e12facceee857c79d52fb09d257f1e

Request headers

Referer
https://enemonzo.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Aug 2023 14:15:42 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://enemonzo.org
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 30 Sep 2023 14:15:42 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7334 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://enemonzo.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 31 Aug 2023 14:15:42 GMT
ETag
"623de86a-cf34"
Expires
Fri, 01 Sep 2023 14:15:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 7334 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:42 GMT
an-x-request-uuid
e4199ad0-33e8-4cd7-8c28-337faddab4dd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7334 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 14:15:43 GMT
an-x-request-uuid
d60c5a91-97da-4b14-8b5a-51020c0e2ede
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| __cfQR object| zxConsentParams object| t object| e object| rbConfig string| token object| rsdfhse object| yaContextCb function| ym object| webpackChunk function| $ function| jQuery boolean| __cfRLUnblockHandlers function| setCookie function| getCookie function| createGeoRestrictionCookie object| AdSlotCollection object| _0xe9ce object| $jscomp function| $jscomp$lookupPolyfilledValue function| ZxStartMainModule21 object| __ZXCONSENT21 number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg number| SesEOa2m2OKxd56JECgK string| rulvW5gntb function| updateRbDisplays boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Ya object| yaCounter71615602 function| cnc object| pcode_855674_default_H8DBENywtV object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| pbjs number| google_unique_id object| gaGlobal boolean| yandex_context_perf_logging object| $sf object| yaSafeFrameAsyncCallbacks object| regeneratorRuntime object| ox_esp function| setImmediate function| clearImmediate object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo object| Criteo_identitytag_140 object| GoogleGcLKhOms object| google_image_requests

36 Cookies

Domain/Path Name / Value
enemonzo.org/ Name: __oagr
Value: true
.yandex.ru/ Name: i
Value: rQQjdEv9H6erTytDnVQI8fIcSxxCJiLMkcXyw1lyVk3G783yZGwImqDX2F2oaucVkTqQx5DRhvz/2ijFJYaaHhH/UQE=
.yandex.ru/ Name: yandexuid
Value: 8722562861693491338
enemonzo.org/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.enemonzo.org/ Name: _sharedID
Value: 5bffd7ad-9fd5-4173-9ee8-6559a962bd07
.enemonzo.org/ Name: _ym_uid
Value: 1693491339604571442
.enemonzo.org/ Name: _ym_d
Value: 1693491339
.enemonzo.org/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 490544617fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 378578703fake
.prebid.a-mo.net/ Name: __amc
Value: 1_1693491339_1693491339
.yandex.com/ Name: yandexuid
Value: 8722562861693491338
.yandex.com/ Name: yuidss
Value: 8722562861693491338
.yandex.com/ Name: i
Value: rQQjdEv9H6erTytDnVQI8fIcSxxCJiLMkcXyw1lyVk3G783yZGwImqDX2F2oaucVkTqQx5DRhvz/2ijFJYaaHhH/UQE=
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 2320447551693491339
.yandex.com/ Name: ymex
Value: 1725027339.yrts.1693491339
.yandex.com/ Name: bh
Value: KgI/MA==
.criteo.com/ Name: uid
Value: 19cc4599-85d4-46a6-ba43-45175c16b5ed
.openx.net/ Name: i
Value: 4e6c0f9c-a9a5-404b-855f-286b53663fe9|1693491339
.enemonzo.org/ Name: cto_bundle
Value: hlNI7l9yb1dXJTJGYm1PV0tlZUJyazFJYyUyRmJFOGlISkphbUhZaEJKJTJCUEl3S2lZSVo0dWNvMGZwSkU5WjZOU29MTG1NVHdXV0dtc1h0eWpjdTcyOEhabnN2OWU5RiUyRnFEUDZOSE5lVDVqM294a3JKYUpJSXY4Yk8zS2YlMkZKMkVEckt2SWpRRmJjOFNxeVFNMWV1VmNXQThVeE1aJTJCblElM0QlM0Q
.enemonzo.org/ Name: __gads
Value: ID=1cc6317157bc0923:T=1693491339:RT=1693491339:S=ALNI_MaJ5fetLj4UTftqyb0BLrPhMhBngQ
.enemonzo.org/ Name: __gpi
Value: UID=00000c6bb368ea98:T=1693491339:RT=1693491339:S=ALNI_MaTr_ZjafRaTFeMGycElMPJrrPpcQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnt48QehjelLmmq-xS_buNFG9uuYmZukH2t7JQy7rMNID7fuWAZwDszsLtZ
.casalemedia.com/ Name: CMID
Value: ZPCgi3J7AyqlATFHb5fWzQAA
.casalemedia.com/ Name: CMPS
Value: 3205
.casalemedia.com/ Name: CMPRO
Value: 3205
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%>[Z(F:!1yIE`fS1ueD1W-044)d+]Ue++Rsf!*n4.Yq3Amz(eM3]-_Euk2cWv<hzQ$RP(hw9P-HC_#u#6r)Y(Px
.adnxs.com/ Name: uuid2
Value: 6073857627183647564
.doubleclick.net/ Name: APC
Value: AfxxVi5qp2LYJr4zODkRP1kfVkr_bjh1lAdLC3uMpiaop48Z2zRg1A
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: df3aec616e8d053e
.retailads.net/ Name: ppb2172
Value: 3040021425
.awin1.com/ Name: awpv11601
Value: 113440|1693491340|dd1c1f11-4808-11ee-b5a9-2261897cac57
.awin1.com/ Name: AWSESS
Value: 357526:3266505
.futalis.de/ Name: raSIDb
Value: 3040021425
enemonzo.org/ Name: unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-08-31T14%3A15%3A42%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.enemonzo.org
ab9c23331654300d35670abeec175ba5.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adx.adform.net
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optad360.net
cdn.prod.uidapi.com
cdn.retailads.net
cdn.zx-adnet.com
cm.g.doubleclick.net
cmp.optad360.io
dsum-sec.casalemedia.com
enemonzo.org
fonts.googleapis.com
futalis.de
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900013.redintelligence.net
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid.a-mo.net
pv.medialead.de
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.awin1.com
www.bigmp3db.com
www.google.com
www.googletagservices.com
yandex.ru
yastatic.net
108.138.36.27
116.202.48.214
138.201.63.157
141.95.33.111
142.250.184.194
145.239.193.130
147.75.84.158
151.101.1.195
172.217.16.198
178.250.1.11
185.184.8.90
185.80.39.216
185.89.210.122
23.213.164.226
23.218.170.194
2600:9000:2156:3a00:6:b871:4f00:93a1
2600:9000:225b:800:a:e047:753:6381
2600:9000:225b:8a00:11:a4de:2580:93a1
2600:9000:237d:9400:f:a31d:75c0:93a1
2606:4700:10::6816:3456
2606:4700:3033::6815:1205
2606:4700::6810:5814
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a01:4f8:d0a:2321::2
2a02:2638:d::2
2a02:2638:d::d
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
34.102.146.192
34.120.107.143
34.96.70.87
35.244.159.8
35.71.131.137
37.157.6.233
46.4.104.244
49.12.16.151
54.171.14.223
01eb2b007503cee35b2b866f2f10c18e366f2db30971991cc0a0369a7b2d15a2
023a6049b364bd4119acf8b7b4c2f6dec9d88e2371197432f65d35e641b6fc68
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
042265ecf386c41b587ce5677f799f2150161de22a38c5fa99f7c8a51a83ec8c
06bf0d8c0d9b6a9ca0d86cef2309d8679a203ce17e3add848f0b7a74c3d94b2f
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b2d7cd5763f46a92f17c6398a94e91d234e69d4c29cba5857d12c927b5d9bff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3dde21d1af4eff80a67c8165d05ffaf5b2c23e635000fad0a39e22b61174ff
0f8b342822ef1fa6a4a38d2d7921508eba2f06150762e3536a9949d8d7cf7b3f
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1a3fe92d76ad27ed2c1f42344aff6e437eaa94ca4aba6201d5d21f784f7921ce
220302e21f2bc9324cb193a7606619011fd2abd69826bf8770e925afe98f6e33
22d8234cf8cbc4a9b91789100bf5a0bf8c8fec8be585043e8305915c653fbc15
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3483d6f68a6c30819f29067311d2f9f7f33912e12f9f33e181600f00fedb4aff
3a9601888f5dffc5dd26659f6440b7afc4e1aba18689d25d9fc3a775075c231b
3b34dd732c2b9a42bcde72f8f4141716a094a465bcb1e6198500da1a632a1e11
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
496f28c8b8f6be622f3b0a0c4df002e2becc9733649762df3fb1a69698cef932
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dbce83195b68417c710c8579a624bc16e683e9757fcf0919f3694166395ed46
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
524d32df87a259cb4aa1e0c9ab51de2003d239b78be5956ae5907faa66dd0f84
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5573c2a0df449ad984294e800675d77360766a0311656727d0757a16899514fa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b672fd69d9a5b06a60acca5ee719cb0d6a8a1d02b2015f8298eb24406737e
56873fc0cf904178ffd5adba4b94efea153ea1d84e382c8306eb5fb8d51080ad
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
58eeb4c4d7c3f30f376b13640e283f7c315f6fbcb308587947f1c18cdda9dc35
6146ccb526ac9f2dc9aa499ff6d237618124301d50cddbf435832740c4be5ad8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6349d53638af87171906296307843a5494bdcca44b2c318e999cd4a542dd8128
653024ebb7a1c3cb65eb5ddf3359ebc8670f4211a32f8f9b1faf5e89b5e7c4e0
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
71600be7824002f8da4bd83bc351cf7a23399d28e971f0a902ec43d60a1ab7a9
7194a599f47c483b74efa14da1822e2c6e69ef3aaec3fec2a43c46374752bb8a
7254c09b6307554573bc2c650d55498fe5cd05d8c22a13033e82835f2065553a
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a
77d9102b426f1487e8550ed41e3650f47d74c020c7486e2876f07698fc97bb88
7c6a95dba3a8b52b81edcf7e4b42631ba8b886fd5d892b3ba11ccfe9ce6afb10
851b46658c57b81a80c83c1234db85b2f6b76fc3b9c4721d44b576d11e28a517
8c0489c46f17df6dafdeddb374cbc6b2d17e9f5fe5430b2b43f61111345a7ce5
9045ba6d2d6ce04e889c541b145914fc3c86160b3456c1a3fbc790aff63ed8c4
93897d127a9df345444878611a6b8849cdee700893b89e273f9451e2ca376143
944fd64df565c6c732ebe1993a00414b7e03185576155270d3daebf7477d32d5
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6305eab833184b7b23928ca15e515d84ef3ff7f96c753d91d3b12c721481a47
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
bc170120edbc021fe24791298229094d3e58ef63f3a28cc239ee32f5722b7658
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bfe2bd5d45ae6b8fe2ec77a083a34754914187400c1b44c219958eaecbc78589
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
cc53dcd2503a2d148541adefec8b435d38e12facceee857c79d52fb09d257f1e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d23011c26e93f6e3146b39d813ca6c8906c3d7b89cc1eb59add4bf0596636b95
d40e53fbe3925e58b4c266043a1c592d08e80def92c79300a4277e099de98dab
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
e218098de3cf600689b6c03e487ff8082bb70b99dc5b41c6f8e944b3282f4a3b
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e818e7775d4293586d2ca073442c776055c4dea1b5e29c15b7be436f793a1456
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629